[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [SECURITY PATCH 000/117] Multiple GRUB2 vulnerabilities - 2021/03/02
From: |
Daniel Kiper |
Subject: |
Re: [SECURITY PATCH 000/117] Multiple GRUB2 vulnerabilities - 2021/03/02 round |
Date: |
Tue, 2 Mar 2021 21:49:50 +0100 |
User-agent: |
NeoMutt/20170113 (1.7.2) |
Hi Adrian,
On Tue, Mar 02, 2021 at 08:37:14PM +0100, John Paul Adrian Glaubitz wrote:
> Hi Daniel!
>
> On 3/2/21 7:00 PM, Daniel Kiper wrote:
> > The BootHole vulnerability [1][2] announced last year encouraged many
> > people to
> > take a closer look at the security of boot process in general and the GRUB
> > bootloader in particular. Due to that, during past few months we were
> > getting
> > reports of, and also discovering various security flaws in the GRUB
> > ourselves.
> > You can find the list of most severe ones which got CVEs assigned at the
> > end of
> > this message. The patch bundle fixing all these issues in the upstream GRUB
> > contains 117 patches.
>
> Huge thanks and kudos to everyone involved fixing all these vulnerabilities!
>
> Given the amount of patches, wouldn't it make sense to push an RC candidate
> for 2.06 in the near future so that distributions can start shipping the pre-
> release and avoiding to carry this large amount of patches?
I am planning to cut 2.06-rc1 in matter of days...
Daniel
[SECURITY PATCH 117/117] kern/mm: Fix grub_debug_calloc() compilation error, Daniel Kiper, 2021/03/02
[SECURITY PATCH 110/117] grub-install-common: Add --sbat option, Daniel Kiper, 2021/03/02
[SECURITY PATCH 113/117] kern/misc: Add STRING type for internal printf() format handling, Daniel Kiper, 2021/03/02
[SECURITY PATCH 111/117] shim_lock: Only skip loading shim_lock verifier with explicit consent, Daniel Kiper, 2021/03/02
Re: [SECURITY PATCH 000/117] Multiple GRUB2 vulnerabilities - 2021/03/02 round, John Paul Adrian Glaubitz, 2021/03/02
Re: [SECURITY PATCH 000/117] Multiple GRUB2 vulnerabilities - 2021/03/02 round, Paul Menzel, 2021/03/18