[ubuntu/focal-proposed] grub2_2.04-1ubuntu47.4_amd64.tar.gz - (Accepted)
Chris Coulson
chris.coulson at canonical.com
Fri Sep 23 22:15:35 UTC 2022
grub2-unsigned (2.04-1ubuntu47.4) impish; urgency=medium
[ Chris Coulson ]
* SECURITY UPDATE: Crafted PNG grayscale images may lead to out-of-bounds
write in heap.
- 0248-video-readers-png-Drop-greyscale-support-to-fix-heap.patch:
video/readers/png: Drop greyscale support to fix heap out-of-bounds write
- CVE-2021-3695
* SECURITY UPDATE: Crafted PNG image may lead to out-of-bound write during
huffman table handling.
- 0249-video-readers-png-Avoid-heap-OOB-R-W-inserting-huff-.patch:
video/readers/png: Avoid heap OOB R/W inserting huff table items
- CVE-2021-3696
* SECURITY UPDATE: Crafted JPEG image can lead to buffer underflow write in
the heap.
- 0254-video-readers-jpeg-Block-int-underflow-wild-pointer-.patch:
video/readers/jpeg: Block int underflow -> wild pointer write
- CVE-2021-3697
* SECURITY UPDATE: Integer underflow in grub_net_recv_ip4_packets
- 0257-net-ip-Do-IP-fragment-maths-safely.patch: net/ip: Do IP fragment
maths safely
- CVE-2022-28733
* SECURITY UPDATE: Out-of-bounds write when handling split HTTP headers
- 0263-net-http-Fix-OOB-write-for-split-http-headers.patch: net/http: Fix
OOB write for split http headers
- CVE-2022-28734
* SECURITY UPDATE: use-after-free in grub_cmd_chainloader()
- 0240-loader-efi-chainloader-simplify-the-loader-state.patch:
loader/efi/chainloader: simplify the loader state
- 0241-commands-boot-Add-API-to-pass-context-to-loader.patch: commands/boot:
Add API to pass context to loader
- 0242-loader-efi-chainloader-Use-grub_loader_set_ex.patch:
loader/efi/chainloader: Use grub_loader_set_ex
- 0243-loader-i386-efi-linux-Use-grub_loader_set_ex.patch:
loader/i386/efi/linux: Use grub_loader_set_ex
* Various fixes as a result of fuzzing and static analysis:
- 0240-misc-Format-string-for-grub_error-should-be-a-litera.patch:
misc: Format string for grub_error() should be a literal
- 0239-loader-efi-chainloader-grub_load_and_start_image-doe.patch:
loader/efi/chainloader: grub_load_and_start_image doesn't load and start
- 0244-loader-i386-efi-linux-Fix-a-memory-leak-in-the-initr.patch:
loader/i386/efi/linux: Fix a memory leak in the initrd command
- 0245-kern-file-Do-not-leak-device_name-on-error-in-grub_f.patch:
kern/file: Do not leak device_name on error in grub_file_open()
- 0246-video-readers-png-Abort-sooner-if-a-read-operation-f.patch:
video/readers/png: Abort sooner if a read operation fails
- 0247-video-readers-png-Refuse-to-handle-multiple-image-he.patch:
video/readers/png: Refuse to handle multiple image headers
- 0250-video-readers-png-Sanity-check-some-huffman-codes.patch:
video/readers/png: Sanity check some huffman codes
- 0251-video-readers-jpeg-Abort-sooner-if-a-read-operation-.patch:
video/readers/jpeg: Abort sooner if a read operation fails
- 0252-video-readers-jpeg-Do-not-reallocate-a-given-huff-ta.patch:
video/readers/jpeg: Do not reallocate a given huff table
- 0253-video-readers-jpeg-Refuse-to-handle-multiple-start-o.patch:
video/readers/jpeg: Refuse to handle multiple start of streams
- 0255-normal-charset-Fix-array-out-of-bounds-formatting-un.patch:
normal/charset: Fix array out-of-bounds formatting unicode for display
- 0256-net-netbuff-Block-overly-large-netbuff-allocs.patch:
net/netbuff: Block overly large netbuff allocs
- 0258-net-dns-Fix-double-free-addresses-on-corrupt-DNS-res.patch:
net/dns: Fix double-free addresses on corrupt DNS response
- 0259-net-dns-Don-t-read-past-the-end-of-the-string-we-re-.patch:
net/dns: Don't read past the end of the string we're checking against
- 0260-net-tftp-Prevent-a-UAF-and-double-free-from-a-failed.patch:
net/tftp: Prevent a UAF and double-free from a failed seek
- 0261-net-tftp-Avoid-a-trivial-UAF.patch: net/tftp: Avoid a trivial UAF
- 0262-net-http-Do-not-tear-down-socket-if-it-s-already-bee.patch:
net/http: Do not tear down socket if it's already been torn down
- 0264-net-http-Error-out-on-headers-with-LF-without-CR.patch:
net/http: Error out on headers with LF without CR
- 0265-fs-f2fs-Do-not-read-past-the-end-of-nat-journal-entr.patch:
fs/f2fs: Do not read past the end of nat journal entries
- 0266-fs-f2fs-Do-not-read-past-the-end-of-nat-bitmap.patch:
fs/f2fs: Do not read past the end of nat bitmap
- 0267-fs-f2fs-Do-not-copy-file-names-that-are-too-long.patch:
fs/f2fs: Do not copy file names that are too long
- 0268-fs-btrfs-Fix-several-fuzz-issues-with-invalid-dir-it.patch:
fs/btrfs: Fix several fuzz issues with invalid dir item sizing
- 0269-fs-btrfs-Fix-more-ASAN-and-SEGV-issues-found-with-fu.patch:
fs/btrfs: Fix more ASAN and SEGV issues found with fuzzing
- 0270-fs-btrfs-Fix-more-fuzz-issues-related-to-chunks.patch:
fs/btrfs: Fix more fuzz issues related to chunks
* Bump SBAT generation:
- update debian/sbat.csv.in
* Make the grub2/no_efi_extra_removable setting work correctly
- update debian/postinst.in
* Build grub2-unsigned packages with xz compression for compatibility
with xenial dpkg
- update debian/rules
[ Steve Langasek ]
* Bump versioned dependency on grub2-common to 2.02~beta2-36ubuntu3.32 for
necessary arm relocation support. LP: #1926748.
* debian/postinst.in: Unconditionally call grub-install with
--force-extra-removable on xenial and bionic, so that the \EFI\BOOT
removable path as used in cloud images receives the updates. LP: #1930742.
Date: Tue, 07 Jun 2022 17:36:27 +0100
Changed-By: Chris Coulson <chris.coulson at canonical.com>
Maintainer: Launchpad Build Daemon <buildd at lcy02-amd64-084.buildd>
-------------- next part --------------
Format: 1.8
Date: Tue, 07 Jun 2022 17:36:27 +0100
Source: grub2-unsigned
Binary: grub-efi-amd64 grub-efi-amd64-bin grub-efi-amd64-dbg
Built-For-Profiles: noudeb
Architecture: amd64 amd64_translations
Version: 2.04-1ubuntu47.4
Distribution: impish
Urgency: medium
Maintainer: Launchpad Build Daemon <buildd at lcy02-amd64-084.buildd>
Changed-By: Chris Coulson <chris.coulson at canonical.com>
Description:
grub-efi-amd64 - GRand Unified Bootloader, version 2 (EFI-AMD64 version)
grub-efi-amd64-bin - GRand Unified Bootloader, version 2 (EFI-AMD64 modules)
grub-efi-amd64-dbg - GRand Unified Bootloader, version 2 (EFI-AMD64 debug files)
Launchpad-Bugs-Fixed: 1926748 1930742
Changes:
grub2-unsigned (2.04-1ubuntu47.4) impish; urgency=medium
.
[ Chris Coulson ]
* SECURITY UPDATE: Crafted PNG grayscale images may lead to out-of-bounds
write in heap.
- 0248-video-readers-png-Drop-greyscale-support-to-fix-heap.patch:
video/readers/png: Drop greyscale support to fix heap out-of-bounds write
- CVE-2021-3695
* SECURITY UPDATE: Crafted PNG image may lead to out-of-bound write during
huffman table handling.
- 0249-video-readers-png-Avoid-heap-OOB-R-W-inserting-huff-.patch:
video/readers/png: Avoid heap OOB R/W inserting huff table items
- CVE-2021-3696
* SECURITY UPDATE: Crafted JPEG image can lead to buffer underflow write in
the heap.
- 0254-video-readers-jpeg-Block-int-underflow-wild-pointer-.patch:
video/readers/jpeg: Block int underflow -> wild pointer write
- CVE-2021-3697
* SECURITY UPDATE: Integer underflow in grub_net_recv_ip4_packets
- 0257-net-ip-Do-IP-fragment-maths-safely.patch: net/ip: Do IP fragment
maths safely
- CVE-2022-28733
* SECURITY UPDATE: Out-of-bounds write when handling split HTTP headers
- 0263-net-http-Fix-OOB-write-for-split-http-headers.patch: net/http: Fix
OOB write for split http headers
- CVE-2022-28734
* SECURITY UPDATE: use-after-free in grub_cmd_chainloader()
- 0240-loader-efi-chainloader-simplify-the-loader-state.patch:
loader/efi/chainloader: simplify the loader state
- 0241-commands-boot-Add-API-to-pass-context-to-loader.patch: commands/boot:
Add API to pass context to loader
- 0242-loader-efi-chainloader-Use-grub_loader_set_ex.patch:
loader/efi/chainloader: Use grub_loader_set_ex
- 0243-loader-i386-efi-linux-Use-grub_loader_set_ex.patch:
loader/i386/efi/linux: Use grub_loader_set_ex
* Various fixes as a result of fuzzing and static analysis:
- 0240-misc-Format-string-for-grub_error-should-be-a-litera.patch:
misc: Format string for grub_error() should be a literal
- 0239-loader-efi-chainloader-grub_load_and_start_image-doe.patch:
loader/efi/chainloader: grub_load_and_start_image doesn't load and start
- 0244-loader-i386-efi-linux-Fix-a-memory-leak-in-the-initr.patch:
loader/i386/efi/linux: Fix a memory leak in the initrd command
- 0245-kern-file-Do-not-leak-device_name-on-error-in-grub_f.patch:
kern/file: Do not leak device_name on error in grub_file_open()
- 0246-video-readers-png-Abort-sooner-if-a-read-operation-f.patch:
video/readers/png: Abort sooner if a read operation fails
- 0247-video-readers-png-Refuse-to-handle-multiple-image-he.patch:
video/readers/png: Refuse to handle multiple image headers
- 0250-video-readers-png-Sanity-check-some-huffman-codes.patch:
video/readers/png: Sanity check some huffman codes
- 0251-video-readers-jpeg-Abort-sooner-if-a-read-operation-.patch:
video/readers/jpeg: Abort sooner if a read operation fails
- 0252-video-readers-jpeg-Do-not-reallocate-a-given-huff-ta.patch:
video/readers/jpeg: Do not reallocate a given huff table
- 0253-video-readers-jpeg-Refuse-to-handle-multiple-start-o.patch:
video/readers/jpeg: Refuse to handle multiple start of streams
- 0255-normal-charset-Fix-array-out-of-bounds-formatting-un.patch:
normal/charset: Fix array out-of-bounds formatting unicode for display
- 0256-net-netbuff-Block-overly-large-netbuff-allocs.patch:
net/netbuff: Block overly large netbuff allocs
- 0258-net-dns-Fix-double-free-addresses-on-corrupt-DNS-res.patch:
net/dns: Fix double-free addresses on corrupt DNS response
- 0259-net-dns-Don-t-read-past-the-end-of-the-string-we-re-.patch:
net/dns: Don't read past the end of the string we're checking against
- 0260-net-tftp-Prevent-a-UAF-and-double-free-from-a-failed.patch:
net/tftp: Prevent a UAF and double-free from a failed seek
- 0261-net-tftp-Avoid-a-trivial-UAF.patch: net/tftp: Avoid a trivial UAF
- 0262-net-http-Do-not-tear-down-socket-if-it-s-already-bee.patch:
net/http: Do not tear down socket if it's already been torn down
- 0264-net-http-Error-out-on-headers-with-LF-without-CR.patch:
net/http: Error out on headers with LF without CR
- 0265-fs-f2fs-Do-not-read-past-the-end-of-nat-journal-entr.patch:
fs/f2fs: Do not read past the end of nat journal entries
- 0266-fs-f2fs-Do-not-read-past-the-end-of-nat-bitmap.patch:
fs/f2fs: Do not read past the end of nat bitmap
- 0267-fs-f2fs-Do-not-copy-file-names-that-are-too-long.patch:
fs/f2fs: Do not copy file names that are too long
- 0268-fs-btrfs-Fix-several-fuzz-issues-with-invalid-dir-it.patch:
fs/btrfs: Fix several fuzz issues with invalid dir item sizing
- 0269-fs-btrfs-Fix-more-ASAN-and-SEGV-issues-found-with-fu.patch:
fs/btrfs: Fix more ASAN and SEGV issues found with fuzzing
- 0270-fs-btrfs-Fix-more-fuzz-issues-related-to-chunks.patch:
fs/btrfs: Fix more fuzz issues related to chunks
* Bump SBAT generation:
- update debian/sbat.csv.in
* Make the grub2/no_efi_extra_removable setting work correctly
- update debian/postinst.in
* Build grub2-unsigned packages with xz compression for compatibility
with xenial dpkg
- update debian/rules
.
[ Steve Langasek ]
* Bump versioned dependency on grub2-common to 2.02~beta2-36ubuntu3.32 for
necessary arm relocation support. LP: #1926748.
* debian/postinst.in: Unconditionally call grub-install with
--force-extra-removable on xenial and bionic, so that the \EFI\BOOT
removable path as used in cloud images receives the updates. LP: #1930742.
Checksums-Sha1:
62de5c8d2afd2204d6a5aade9578fc97c2e64cf3 729784 grub-efi-amd64-bin_2.04-1ubuntu47.4_amd64.deb
aa6a481a427188291c24e7a369007b84eb07a84a 3919928 grub-efi-amd64-dbg_2.04-1ubuntu47.4_amd64.deb
3f950f2408e0074e54861952309e58eba7acd5aa 47024 grub-efi-amd64_2.04-1ubuntu47.4_amd64.deb
c1dcf075e9043fe4395659e53cf875e22a3d2e32 16578 grub2-unsigned_2.04-1ubuntu47.4_amd64.buildinfo
1970ebc9fafeaa7fabc51988038c002d9030d819 3888609 grub2-unsigned_2.04-1ubuntu47.4_amd64_translations.tar.gz
98ab0882d2e00d28bbd6c3576d964b65a9ccbd74 1565742 grub2_2.04-1ubuntu47.4_amd64.tar.gz
Checksums-Sha256:
93b59a512f0b5698db02a99f5fe4df4d6feffcc465526285cdf3dd4ba2e80956 729784 grub-efi-amd64-bin_2.04-1ubuntu47.4_amd64.deb
f65fa65c5eee2f5a3773e6314f041855f986a3f850d2ff98fb1e095c34dd0022 3919928 grub-efi-amd64-dbg_2.04-1ubuntu47.4_amd64.deb
ffbabe1e7a19b82fb76ac0217a8e5acace3bc8578f213246657d2bb975331bc4 47024 grub-efi-amd64_2.04-1ubuntu47.4_amd64.deb
a0e117d4517b81c6bea9d6d33ae2ed61dd3835211d768048c9ce06e00271c107 16578 grub2-unsigned_2.04-1ubuntu47.4_amd64.buildinfo
beb69c69647c9d5b4e27081749296a167c22060ff5514eb5040cf4555c91d455 3888609 grub2-unsigned_2.04-1ubuntu47.4_amd64_translations.tar.gz
e896e8d95d8a5bd24cbcf049d706dbcc59d7c4c74f0d9807c28d33854b6fb9e8 1565742 grub2_2.04-1ubuntu47.4_amd64.tar.gz
Files:
c7d784e43a2953e94640d965a6a14f17 729784 admin optional grub-efi-amd64-bin_2.04-1ubuntu47.4_amd64.deb
88a1dd6fcc8cea0f38781a6e83e37292 3919928 debug optional grub-efi-amd64-dbg_2.04-1ubuntu47.4_amd64.deb
1e3d7845d97e169c5a8e6503639054fe 47024 admin optional grub-efi-amd64_2.04-1ubuntu47.4_amd64.deb
0f00a4465694d02b20231d883238449e 16578 admin optional grub2-unsigned_2.04-1ubuntu47.4_amd64.buildinfo
adfdb7c0220fca474cb79d4f49ab3531 3888609 raw-translations - grub2-unsigned_2.04-1ubuntu47.4_amd64_translations.tar.gz
fa386f1b473394bc3fc978dc983bd004 1565742 raw-uefi - grub2_2.04-1ubuntu47.4_amd64.tar.gz
Original-Maintainer: GRUB Maintainers <pkg-grub-devel at alioth-lists.debian.net>
More information about the Focal-changes
mailing list