[ubuntu/focal-updates] grub2_2.04-1ubuntu26.1_arm64.tar.gz - (Accepted)

Chris Coulson chris.coulson at canonical.com
Wed Jul 29 19:35:44 UTC 2020


grub2 (2.04-1ubuntu26.1) focal; urgency=medium

  [ Julian Andres Klode ]
  * Move gettext patches out of git-dpm's way, so it does not delete them

  [ Chris Coulson ]
  * SECURITY UPDATE: Heap buffer overflow when encountering commands that
    cannot be tokenized to less than 8192 characters.
    - 0082-yylex-Make-lexer-fatal-errors-actually-be-fatal.patch: Make
      fatal lexer errors actually be fatal
    - CVE-2020-10713
  * SECURITY UPDATE: Multiple integer overflow bugs that could result in
    heap buffer allocations that were too small and subsequent heap buffer
    overflows when handling certain filesystems, font files or PNG images.
    - 0083-safemath-Add-some-arithmetic-primitives-that-check-f.patch: Add
      arithmetic primitives that allow for overflows to be detected
    - 0084-calloc-Make-sure-we-always-have-an-overflow-checking.patch:
      Make sure that there is always an overflow checking implementation
      of calloc() available
    - 0085-calloc-Use-calloc-at-most-places.patch: Use calloc where
      appropriate
    - 0086-malloc-Use-overflow-checking-primitives-where-we-do-.patch: Use
      overflow-safe arithmetic primitives when performing allocations
      based on the results of operations that might overflow
    - 0094-hfsplus-fix-two-more-overflows.patch: Fix integer overflows in
      hfsplus
    - 0095-lvm-fix-two-more-potential-data-dependent-alloc-over.patch: Fix
      more potential integer overflows in lvm
    - CVE-2020-14308, CVE-2020-14309, CVE-2020-14310, CVE-2020-14311
  * SECURITY UPDATE: Use-after-free when executing a command that causes
    a currently executing function to be redefined.
    - 0092-script-Remove-unused-fields-from-grub_script_functio.patch:
      Remove unused fields from grub_script_function
    - 0093-script-Avoid-a-use-after-free-when-redefining-a-func.patch:
      Avoid a use-after-free when redefining a function during execution
    - CVE-2020-15706
  * SECURITY UPDATE: Integer overflows that could result in heap buffer
    allocations that were too small and subsequent heap buffer overflows
    during initrd loading.
    - 0105-linux-Fix-integer-overflows-in-initrd-size-handling.patch: Fix
      integer overflows in initrd size handling
    - 0106-efilinux-Fix-integer-overflows-in-grub_cmd_initrd.patch: Fix
      integer overflows in linuxefi grub_cmd_initrd
    - CVE-2020-15707
  * Various fixes as a result of code review and static analysis:
    - 0087-iso9660-Don-t-leak-memory-on-realloc-failures.patch: Fix a
     memory leak on realloc failures when processing symbolic links
    - 0088-font-Do-not-load-more-than-one-NAME-section.patch: Fix a
      memory leak when processing font files with more than one NAME
      section
    - 0089-gfxmenu-Fix-double-free-in-load_image.patch: Zero self->bitmap
      after it is freed in order to avoid a potential double free later on
    - 0090-lzma-Make-sure-we-don-t-dereference-past-array.patch: Fix an
      out-of-bounds read in LzmaEncode
    - 0091-tftp-Do-not-use-priority-queue.patch: Refactor tftp to not use
      priority queues and fix a double free
    - 0096-efi-fix-some-malformed-device-path-arithmetic-errors.patch: Fix
      various arithmetic errors with malformed device paths
    - 0098-Fix-a-regression-caused-by-efi-fix-some-malformed-de.patch: Fix
      a NULL deref in the chainloader command introduced by a previous
      patch
    - 0099-efi-Fix-use-after-free-in-halt-reboot-path.patch: Fix a
      use-after-free in the halt and reboot commands by not freeing
      allocated memory in these paths
    - 0100-chainloader-Avoid-a-double-free-when-validation-fail.patch:
      Avoid a double free in the chainloader command when validation fails
    - 0101-relocator-Protect-grub_relocator_alloc_chunk_addr-in.patch:
      Protect grub_relocator_alloc_chunk_addr input arguments against
      integer overflow / underflow
    - 0102-relocator-Protect-grub_relocator_alloc_chunk_align-m.patch:
      Protect grub_relocator_alloc_chunk_align max_addr argument against
      integer underflow
    - 0103-relocator-Fix-grub_relocator_alloc_chunk_align-top-m.patch: Fix
      grub_relocator_alloc_chunk_align top memory allocation
    - 0104-linux-loader-avoid-overflow-on-initrd-size-calculati.patch:
      Avoid overflow on initrd size calculation

  [ Dimitri John Ledkov ]
  * SECURITY UPDATE: Grub does not enforce kernel signature validation
    when the shim protocol isn't present.
    - 0097-linuxefi-fail-kernel-validation-without-shim-protoco.patch:
      Fail kernel validation if the shim protocol isn't available
    - CVE-2020-15705

Date: Mon, 20 Jul 2020 19:19:08 +0100
Changed-By: Chris Coulson <chris.coulson at canonical.com>
Maintainer: Launchpad Build Daemon <buildd at bos02-arm64-048.buildd>

-------------- next part --------------
Format: 1.8
Date: Mon, 20 Jul 2020 19:19:08 +0100
Source: grub2
Binary: grub-common grub-efi-arm64 grub-efi-arm64-bin grub-efi-arm64-dbg grub-efi-arm64-signed-template grub-mount-udeb grub-theme-starfield grub2-common
Architecture: arm64 arm64_translations
Version: 2.04-1ubuntu26.1
Distribution: focal
Urgency: medium
Maintainer: Launchpad Build Daemon <buildd at bos02-arm64-048.buildd>
Changed-By: Chris Coulson <chris.coulson at canonical.com>
Description:
 grub-common - GRand Unified Bootloader (common files)
 grub-efi-arm64 - GRand Unified Bootloader, version 2 (ARM64 UEFI version)
 grub-efi-arm64-bin - GRand Unified Bootloader, version 2 (ARM64 UEFI modules)
 grub-efi-arm64-dbg - GRand Unified Bootloader, version 2 (ARM64 UEFI debug files)
 grub-efi-arm64-signed-template - GRand Unified Bootloader, version 2 (ARM64 UEFI signing template)
 grub-mount-udeb - export GRUB filesystems using FUSE (udeb)
 grub-theme-starfield - GRand Unified Bootloader, version 2 (starfield theme)
 grub2-common - GRand Unified Bootloader (common files for version 2)
Changes:
 grub2 (2.04-1ubuntu26.1) focal; urgency=medium
 .
   [ Julian Andres Klode ]
   * Move gettext patches out of git-dpm's way, so it does not delete them
 .
   [ Chris Coulson ]
   * SECURITY UPDATE: Heap buffer overflow when encountering commands that
     cannot be tokenized to less than 8192 characters.
     - 0082-yylex-Make-lexer-fatal-errors-actually-be-fatal.patch: Make
       fatal lexer errors actually be fatal
     - CVE-2020-10713
   * SECURITY UPDATE: Multiple integer overflow bugs that could result in
     heap buffer allocations that were too small and subsequent heap buffer
     overflows when handling certain filesystems, font files or PNG images.
     - 0083-safemath-Add-some-arithmetic-primitives-that-check-f.patch: Add
       arithmetic primitives that allow for overflows to be detected
     - 0084-calloc-Make-sure-we-always-have-an-overflow-checking.patch:
       Make sure that there is always an overflow checking implementation
       of calloc() available
     - 0085-calloc-Use-calloc-at-most-places.patch: Use calloc where
       appropriate
     - 0086-malloc-Use-overflow-checking-primitives-where-we-do-.patch: Use
       overflow-safe arithmetic primitives when performing allocations
       based on the results of operations that might overflow
     - 0094-hfsplus-fix-two-more-overflows.patch: Fix integer overflows in
       hfsplus
     - 0095-lvm-fix-two-more-potential-data-dependent-alloc-over.patch: Fix
       more potential integer overflows in lvm
     - CVE-2020-14308, CVE-2020-14309, CVE-2020-14310, CVE-2020-14311
   * SECURITY UPDATE: Use-after-free when executing a command that causes
     a currently executing function to be redefined.
     - 0092-script-Remove-unused-fields-from-grub_script_functio.patch:
       Remove unused fields from grub_script_function
     - 0093-script-Avoid-a-use-after-free-when-redefining-a-func.patch:
       Avoid a use-after-free when redefining a function during execution
     - CVE-2020-15706
   * SECURITY UPDATE: Integer overflows that could result in heap buffer
     allocations that were too small and subsequent heap buffer overflows
     during initrd loading.
     - 0105-linux-Fix-integer-overflows-in-initrd-size-handling.patch: Fix
       integer overflows in initrd size handling
     - 0106-efilinux-Fix-integer-overflows-in-grub_cmd_initrd.patch: Fix
       integer overflows in linuxefi grub_cmd_initrd
     - CVE-2020-15707
   * Various fixes as a result of code review and static analysis:
     - 0087-iso9660-Don-t-leak-memory-on-realloc-failures.patch: Fix a
      memory leak on realloc failures when processing symbolic links
     - 0088-font-Do-not-load-more-than-one-NAME-section.patch: Fix a
       memory leak when processing font files with more than one NAME
       section
     - 0089-gfxmenu-Fix-double-free-in-load_image.patch: Zero self->bitmap
       after it is freed in order to avoid a potential double free later on
     - 0090-lzma-Make-sure-we-don-t-dereference-past-array.patch: Fix an
       out-of-bounds read in LzmaEncode
     - 0091-tftp-Do-not-use-priority-queue.patch: Refactor tftp to not use
       priority queues and fix a double free
     - 0096-efi-fix-some-malformed-device-path-arithmetic-errors.patch: Fix
       various arithmetic errors with malformed device paths
     - 0098-Fix-a-regression-caused-by-efi-fix-some-malformed-de.patch: Fix
       a NULL deref in the chainloader command introduced by a previous
       patch
     - 0099-efi-Fix-use-after-free-in-halt-reboot-path.patch: Fix a
       use-after-free in the halt and reboot commands by not freeing
       allocated memory in these paths
     - 0100-chainloader-Avoid-a-double-free-when-validation-fail.patch:
       Avoid a double free in the chainloader command when validation fails
     - 0101-relocator-Protect-grub_relocator_alloc_chunk_addr-in.patch:
       Protect grub_relocator_alloc_chunk_addr input arguments against
       integer overflow / underflow
     - 0102-relocator-Protect-grub_relocator_alloc_chunk_align-m.patch:
       Protect grub_relocator_alloc_chunk_align max_addr argument against
       integer underflow
     - 0103-relocator-Fix-grub_relocator_alloc_chunk_align-top-m.patch: Fix
       grub_relocator_alloc_chunk_align top memory allocation
     - 0104-linux-loader-avoid-overflow-on-initrd-size-calculati.patch:
       Avoid overflow on initrd size calculation
 .
   [ Dimitri John Ledkov ]
   * SECURITY UPDATE: Grub does not enforce kernel signature validation
     when the shim protocol isn't present.
     - 0097-linuxefi-fail-kernel-validation-without-shim-protoco.patch:
       Fail kernel validation if the shim protocol isn't available
     - CVE-2020-15705
Checksums-Sha1:
 faf09b7d3abc88574ee32942ed56af1db015b108 13707496 grub-common-dbgsym_2.04-1ubuntu26.1_arm64.ddeb
 b3f189bc3c6934d7be96152653148d1599f0ac2b 1835524 grub-common_2.04-1ubuntu26.1_arm64.deb
 fbfdf5bfb0b9618ac09c63e8d90be90824caaefc 600612 grub-efi-arm64-bin_2.04-1ubuntu26.1_arm64.deb
 0fa82dcbcec86e035f3fcdb12160e55f514e48c9 3098600 grub-efi-arm64-dbg_2.04-1ubuntu26.1_arm64.deb
 a3e1ead7cf1570e7432582101dec43de48433e02 14212 grub-efi-arm64-signed-template_2.04-1ubuntu26.1_arm64.deb
 39746f4b24e6325b547d8d63f492fc8a8664a59d 46524 grub-efi-arm64_2.04-1ubuntu26.1_arm64.deb
 536b225c242d51052dd848826a157c1dfebec233 395932 grub-mount-udeb_2.04-1ubuntu26.1_arm64.udeb
 b1a1bb1945ad0091b26e54853a11f067e4a5e158 1673440 grub-theme-starfield_2.04-1ubuntu26.1_arm64.deb
 f2152f895b4ee5ce2bca9fad47d24665e4c1d361 1713344 grub2-common-dbgsym_2.04-1ubuntu26.1_arm64.ddeb
 a3bfcd663692a2031a59bc183ff5a483bf6ab164 568632 grub2-common_2.04-1ubuntu26.1_arm64.deb
 06924108308e9ee41017b6e396be9a643087f935 14335 grub2_2.04-1ubuntu26.1_arm64.buildinfo
 df1d169cb53f5dc2a622b8f541a91dee65b79757 1580176 grub2_2.04-1ubuntu26.1_arm64.tar.gz
 bffe900b8059f1336ec5552705869b2ff00fefc2 4957314 grub2_2.04-1ubuntu26.1_arm64_translations.tar.gz
Checksums-Sha256:
 16d330b8146ed2b048767c89cac39021409c1ecac9c88cb2889820a1bbcff048 13707496 grub-common-dbgsym_2.04-1ubuntu26.1_arm64.ddeb
 42bde99fe0cd5e42a76a4575f99c1784899cab40b66ca8bcf0a1908e76a2b010 1835524 grub-common_2.04-1ubuntu26.1_arm64.deb
 537163664eb59a60c821827ef686913dcf0310a178d87913c80043e757d77ba8 600612 grub-efi-arm64-bin_2.04-1ubuntu26.1_arm64.deb
 7da2fa99d92beac0758cfcf7a3051e6bc8b4f3cbad83a48223bb98102f50da78 3098600 grub-efi-arm64-dbg_2.04-1ubuntu26.1_arm64.deb
 c25f25d669022ea0ecd146b4618da4c741c33f03c2231db5db35a8fa06fec542 14212 grub-efi-arm64-signed-template_2.04-1ubuntu26.1_arm64.deb
 ae69e4e7b53a2db68aa76f42f48017a8e58792e740f1cf89737262afc5454988 46524 grub-efi-arm64_2.04-1ubuntu26.1_arm64.deb
 ef2fa2b23abffa10b938c3cc9fc91f2aade9576add24fe0318dc3151ad7c8845 395932 grub-mount-udeb_2.04-1ubuntu26.1_arm64.udeb
 510bfb8a156dad7c6f8924345828e4791f81767b31210e3d4437748640cd160b 1673440 grub-theme-starfield_2.04-1ubuntu26.1_arm64.deb
 a95ffc0d951084b249e9d04012eab6768c1e897dc8744c2ab42c819c63daac40 1713344 grub2-common-dbgsym_2.04-1ubuntu26.1_arm64.ddeb
 3366decf21c444ded433363b6ecb44d0ffcfc451b9c4f17e18199d11bccd89ba 568632 grub2-common_2.04-1ubuntu26.1_arm64.deb
 690176219ed2681f157d4237c8caa27c4313c502a319b1a901a19401e9de3e10 14335 grub2_2.04-1ubuntu26.1_arm64.buildinfo
 e8abf706eb40fc67e2f237500bc9b3fdd390acf05d79b394dc9c2860b55b3657 1580176 grub2_2.04-1ubuntu26.1_arm64.tar.gz
 87e734257346901fcc141fb89e7d39cbaffcd5eebca6ea7eae675ea622f6353a 4957314 grub2_2.04-1ubuntu26.1_arm64_translations.tar.gz
Files:
 dc21793a539a0d6d86f4611e32f648bd 13707496 debug optional grub-common-dbgsym_2.04-1ubuntu26.1_arm64.ddeb
 7b8c302cdf52e20bb9b3093abdc7e62c 1835524 admin optional grub-common_2.04-1ubuntu26.1_arm64.deb
 de6958a953d58919fdb6578eed2edabf 600612 admin optional grub-efi-arm64-bin_2.04-1ubuntu26.1_arm64.deb
 da21e0ffc8e393fa0bfed22a18ae67aa 3098600 debug optional grub-efi-arm64-dbg_2.04-1ubuntu26.1_arm64.deb
 e07605357c8fe6f47edb5af709217fb9 14212 admin optional grub-efi-arm64-signed-template_2.04-1ubuntu26.1_arm64.deb
 6f5bbc34c59c3c68f081040492da52bf 46524 admin optional grub-efi-arm64_2.04-1ubuntu26.1_arm64.deb
 24bc91349e0f868dbd058c55c0313406 395932 debian-installer optional grub-mount-udeb_2.04-1ubuntu26.1_arm64.udeb
 384dd3f00d2048eb7a01457be968805a 1673440 admin optional grub-theme-starfield_2.04-1ubuntu26.1_arm64.deb
 f04dae3fc2b13abee9c80889c5ae8f78 1713344 debug optional grub2-common-dbgsym_2.04-1ubuntu26.1_arm64.ddeb
 8cae8dfdb72e06c78a0876b5278fdd42 568632 admin optional grub2-common_2.04-1ubuntu26.1_arm64.deb
 699c301d2fc683583227c6bbc4b161b8 14335 admin optional grub2_2.04-1ubuntu26.1_arm64.buildinfo
 0be01c24f8e28b2b4faebf6ccd1c1f8e 1580176 raw-uefi - grub2_2.04-1ubuntu26.1_arm64.tar.gz
 99132da75ca98b804291f6981afc8513 4957314 raw-translations - grub2_2.04-1ubuntu26.1_arm64_translations.tar.gz
Original-Maintainer: GRUB Maintainers <pkg-grub-devel at alioth-lists.debian.net>


More information about the Focal-changes mailing list