[Bug 2008950] Re: Missing modules on arm64 builds of monolithic grub
Launchpad Bug Tracker
2008950 at bugs.launchpad.net
Mon Aug 7 08:38:09 UTC 2023
This bug was fixed in the package grub2 - 2.12~rc1-4ubuntu1
---------------
grub2 (2.12~rc1-4ubuntu1) mantic; urgency=medium
* Merge from Debian unstable (LP: #2028947); remaining changes:
- Add Ubuntu sbat data
- build-efi-images: do not produce -installer.efi.signed. LP: 1863994
- grub-common: Install canonical-uefi-ca.crt
- Check signatures
- Support installing to multiple ESP (LP: 1871821)
- Disable various bits on i386
- Split out unsigned artefacts into grub2-unsigned
- Vcs-Git: Point to ubuntu packaging branch
- Relax dependencies on grub-common and grub2-common
- grub-pc: Avoid the possibility of breaking grub on SRU update due
to ABI change
- UBUNTU: Default timeout changes
- Revert "Add jfs module to signed UEFI images. Closes: #950959"
- Revert "Add f2fs module to signed UEFI images"
- Install grub-initrd-fallback.service again
- Build using -O1 on s390x to avoid misoptimization
- grub-check-signatures: Support gzip compressed kernels (LP: #1954683)
- grub-multi-install: Reset partition type between partitions (LP: #1997795)
- Drop i386 from grub-efi-amd64* (LP: #2020907)
- Turn depends on grub-efi-amd64/arm64 unversioned
- forward port fix for LP: #1926748
- Make the grub2/no_efi_extra_removable setting work correctly
- Forward port the fix for LP: #1930742 and make it conditional (xenial/bionic only)
- Build grub2-unsigned packages with xz compression
- Replaced patches:
- installe-signed.patched
- grub-install-extra-removable.patch
- grub-install-removable-shim.patch
- Added patches:
+ rhboot-f34-dont-use-int-for-efi-status.patch
+ rhboot-f34-make-exit-take-a-return-code.patch
+ suse-grub.texi-add-net_bootp6-document.patch
+ ubuntu-add-devicetree-command-support.patch
+ ubuntu-add-initrd-less-boot-fallback.patch
+ ubuntu-add-initrd-less-boot-messages.patch
+ ubuntu-boot-from-multipath-dependent-symlink.patch
+ ubuntu-dont-verify-loopback-images.patch
+ ubuntu-fix-lzma-decompressor-objcopy.patch
+ ubuntu-grub-install-extra-removable.patch
+ ubuntu-install-signed.patch
+ ubuntu-mkconfig-leave-breadcrumbs.patch
+ ubuntu-os-prober-auto.patch
+ ubuntu-recovery-dis_ucode_ldr.patch
+ ubuntu-resilient-boot-boot-order.patch
+ ubuntu-resilient-boot-ignore-alternative-esps.patch
+ ubuntu-shorter-version-info.patch
+ ubuntu-speed-zsys-history.patch
+ ubuntu-support-initrd-less-boot.patch
+ ubuntu-verifiers-last.patch
+ ubuntu-zfs-enhance-support.patch
+ ubuntu-zfs-gfxpayload-dynamic.patch
+ ubuntu-zfs-gfxpayload-keep-default.patch
+ ubuntu-zfs-insmod-xzio-and-lzopio-on-xen.patch
+ ubuntu-zfs-mkconfig-recovery-title.patch
+ ubuntu-zfs-mkconfig-signed-kernel.patch
+ ubuntu-zfs-mkconfig-ubuntu-distributor.patch
+ ubuntu-zfs-mkconfig-ubuntu-recovery.patch
+ ubuntu-zfs-vt-handoff.patch
* Dropped Ubuntu changes:
- All the rhboot loader patches
- Temporarily, support for GRUB_FLAVOUR_ORDER
- RISC-V patches, applied upstream:
+ efi-add-definition-of-LoadFile2-protocol.patch
+ efi-correct-struct-grub_efi_boot_services.patch
+ efi-implemented-LoadFile2-initrd-loading-protocol-fo.patch
+ efi-implement-grub_efi_run_image.patch
+ RISC-V-Update-image-header.patch
+ RISC-V-Use-common-linux-loader.patch
+ riscv-adjust-march-flags-for-binutils-2.38.patch
+ upstream/riscv-handle-r-riscv-call-plt-reloc.patch
+ loader-drop-argv-argument-in-grub_initrd_load.patch
+ loader-Move-arm64-linux-loader-to-common-code.patch
- Networking patches (rebasing still WIP):
+ cherrypick-efi-grub_efi_close_protocol.patch
+ cherrypick-efinet-correct-closing-snp-protocol.patch
+ efinet-uefi-ipv6-pxe-support.patch
+ suse-add-support-for-UEFI-network-protocols.patch
+ suse-AUDIT-0-http-boot-tracker-bug.patch
- Red Hat boot loader, replaced by upstream:
+ linuxefi-do-not-validate-kernels-twice.patch
+ linuxefi-Invalidate-i-cache-before-starting-the-kern.patch
+ rhboot-bounce-buffers.patch
+ rhboot-efi-allocate-in-kernel-bounds.patch
+ rhboot-efi-allocate-kernel-as-code-for-real.patch
+ rhboot-efi-allocate-kernel-as-code.patch
+ rhboot-efi-enumerated-array-for-allocation-choice.patch
+ rhboot-efi-fix-incorrect-array-size.patch
+ rhboot-efi-initrd-above-4gb.patch
+ rhboot-efi-kernel-allocator.patch
+ rhboot-efi-rearrange-grub-cmd-linux.patch
+ rhboot-efi-split-allocation-policy.patch
+ rhboot-f34-efinet-also-use-the-firmware-acceleration-for-http.patch
+ rhboot-f34-make-pmtimer-tsc-calibration-fast.patch
+ rhboot-try-to-pick-better-locations-for-kernel-and-initrd.patch
+ ubuntu-linuxefi-arm64.patch
+ ubuntu-linuxefi-arm64-set-base-addr.patch
+ ubuntu-linuxefi.patch
+ ubuntu-rhboot-cast-fixups.patch
+ ubuntu-efi-allow-loopmount-chainload.patch
+ ubuntu-efi-loader-code.patch
- Security patches, applied upstream:
+ {0076...0161} security patches, applied upstream
+ font-*.patchi - security patches applied upstream
+ commands-efi-tpm-Use-grub_strcpy-instead-of-grub_memcpy.patch
+ fbutil-Fix-integer-overflow.patch
+ kern-efi-sb-Enforce-verification-of-font-files.patch
+ normal-charset-Fix-an-integer-overflow-in-grub_unicode_ag.patch
- Misc patches, merged in Debian:
+ efi-EFI-Device-Tree-Fixup-Protocol.patch
+ efivar-check-that-efivarfs-is-writeable.patch
+ fat-fix-listing-the-root-directory.patch
+ fdt-add-debug-output-to-devicetree-command.patch
+ zstd-require-8-byte-buffer.patch
+ 0241-Call-hwmatch-only-on-the-grub-pc-platform.patch
- Misc patches applied upstream:
+ 2.12-mm/* - applied upstream
+ ubuntu-fuse3.patch
+ xfs-fix-v4-superblock.patch
+ tpm-unknown-error-non-fatal.patch
+ commands-efi-tpm-Refine-the-status-of-log-event.patch
+ efi-tpm-Add-EFI_CC_MEASUREMENT_PROTOCOL-support.patch
+ linux_xen-Properly-load-multiple-initrd-files.patch
+ linux_xen-Properly-order-multiple-initrd-files.patch
+ linux-ignore-FDT-unless-we-need-to-modify-it.patch
+ mkrescue-efi-modules.patch
+ tests-ahci-update-qemu-device-name.patch
- No longer relevant:
+ ubuntu-disable-LOAD-FILE2-protocol-for-initrd-on-ARM.patch
+ ubuntu-temp-keep-auto-nvram.patch: was temporary in 2019 lol
+ ubuntu-skip-disk-by-id-lvm-pvm-uuid-entries.patch
+ no-devicetree-if-secure-boot.patch
+ no-insmod-on-sb.patch
- To be rewritten later in this cycle:
+ ubuntu-flavour-order.patch
- Coalesced into some other patches:
+ ubuntu-zfs-maybe-quiet.patch
+ ubuntu-zfs-quick-boot.patch
grub2 (2.12~rc1-4) experimental; urgency=medium
[ Julian Andres Klode ]
* Fix quiet boot feature
* Drop fs-tester-time-fail.patch, upstream
* postinst: look at /boot/grub/$target/core.efi to determine if we ran already
* Cherry-pick additional Ubuntu patches
- zstd-require-8-byte-buffer.patch: Fix for buffer size in zstd
- recovery-dis_ucode_ldr.patch: Pass dis_ucode_ldr to kernel for
recovery mode
- hwmatch-only-on-grub-pc-platform.patch: Only call hwmatch on grub-pc
(Closes: #990836)
- fdt-add-debug-output-to-devicetree-command.patch: Debugging output
for the devicetree command
- fdt-device-tree-fixup-protocol.patch: Support for u-boot device tree
fixup protocol
- fat-fix-listing-the-root-directory.patch: Fix listing of files with
0 timestamps in FAT
- efivar-check-that-efivarfs-is-writeable.patch: Do not hard error
if we cannot write the EFI variables. Some implementations, like
u-boot do not support writing them.
* Only build peimage on supported architectures
* debian/po: Refresh templates
[ Felix Zielcke ]
* Update mkconfig-ubuntu-recovery.patch to respect
GRUB_CMDLINE_LINUX_RECOVERY from /etc/default/grub.
(Closes: #766530, #922425)
* Strip grub-emu binary.
grub2 (2.12~rc1-3) experimental; urgency=medium
* Build peimage as a module and insert into signed images
* peimage: Copy the image header and ensure it's not clobbered
* Drop grub.cfg-400.patch, world-readable boot config violates several guidelines unfortunately
* Drop mkconfig-other-inits.patch (alternative init boot options)
* Order patches not used by Ubuntu last to simplify maintenance
* Drop mkconfig-signed-kernel.patch, .signed kernels are no longer used
grub2 (2.12~rc1-2) experimental; urgency=medium
[ Julian Andres Klode ]
* Build-Depend on libsdl2-dev instead of libsdl1.2-dev (Closes: #1038035)
* Link peimage into arm_efi target, fixes armhf/armel FTBFS
* peimage: Add chainloader support
[ Heinrich Schuchardt ]
* Enable building for RISC-V (LP: #1876620) (Closes: #995718)
grub2 (2.12~rc1-1) experimental; urgency=medium
[ Julian Andres Klode ]
* New upstream version, 2.12~rc1
* build-efi-images: Drop linuxefi, using new loaders now
* Do not try to install gmodule.pl, it was rewritten in Python
* Rebase patches
- Temporarily drop -dpkg-version-comparison.patch, needs to be adjusted
for switch from comparison to sort -V
- Drop -linuxefi.patch, fix-lockdown.patch, arm64-handover-to-kernel-if-sb-enabled.patch;
we will be using the upstream loader now, with an additional compat
layer for shim tbd
- Apply new network patch set from mailing list (no additional patches yet)
- Drop ton of patches applied upstream
* Implement an alternative approach to secure boot, using the upstream EFI
loader, and temporarily emulating load_image() and friends using Ubuntu's
peimage file while a image protocol is being added to shim.
* Build-Depend on gawk, it fails to compile with mawk
* Fix lzo test and xfail tests requiring root
* Fix lintian overrides
* Add grub,debian13,1 and grub.peimage,1 SBAT levels, this allows
individually revoking the parts affecting only trixie or the new
shared peimage loader.
[ Dimitri John Ledkov ]
* Include fdt modules in arm64 EFI images, tpm in all archs (LP: #2008950)
grub2 (2.06-14) experimental; urgency=medium
[ Julian Andres Klode ]
* "Upstreaming" Ubuntu changes, part 1.
* Fixup filename for debian/patches/gcc12_build_dangling_pointer.patch
* Disable os-prober for ppc64el on the PowerNV platform (for Petitboot)
* Build with FUSE3 (LP: #1935659)
* build-efi-images: Add http to netboot images
* Bundle unicode.pf2 in a squashfs memdisk attached to the signed EFI binary
* Automatic patch queue rebase
[ Dimitri John Ledkov ]
* minilzo: built using the distribution's minilzo
* dirs.in: create var/lib/grub/ucf in grub-efi-amd64 (and similar)
* grub-common.service: port init.d script to systemd unit. Add warning
message, when initrdless boot fails triggering fallback. LP: #1901553
* Make prebuilt netboot image look for grub.cfg-$deb_arch
* Link grub-efi-{amd64,arm64}-bin docs directory
[ Jeffery To ]
* Add hibernation resumption support to grub-common.service
grub2 (2.06-13) unstable; urgency=medium
[ Steve McIntyre ]
* When *also* installing to the removable media path, include the
relevant mokmanager binary. Closes: #1034409
[ General Chaos ]
* Allow initrd to contain spaces. Closes: #838177, #820838.
[ Translators ]
* Update lots of translations of debconf templates, thanks to the
following:
+ Welsh (Dafydd Tomos)
+ German (Helge Kreutzmann). Closes: #1034850
+ Croatian (Tomislav Krznar)
+ Greek (Emmanuel Galatoulas)
+ Esperanto (Felipe Castro)
+ French (Baptiste Jammet). Closes: #1035761
+ Italian (Luca Monducci). Closes: #1034825
+ Kazakh (Baurzhan Muftakhidinov)
+ Korean (Changwoo Ryu). Closes: #1034868
+ Latvian (Rudolfs Mazurs)
+ Dutch (Frans Spiesschaert). Closes: #1035399
+ Norwegian Bokmål (Petter Reinholdtsen, Sverre Vaabenoe)
+ Brazilian Portuguese (Adriano Rafael Gomes). Closes: #1035905
+ Romanian (Remus-Gabriel Chelu)
+ Russian (Yuri Kozlov). Closes: #1035294
+ Turkish (Atila KOÇ). Closes: #1035846
+ Swedish (Luna Jernberg)
grub2 (2.06-12) unstable; urgency=medium
* Fix up arm64 SB patch to fix build failure on 32-bit arm systems
grub2 (2.06-11) unstable; urgency=medium
* And try again... :-/
grub2 (2.06-10) unstable; urgency=medium
* Fix 32-bit build with the osdep/devmapper/getroot patches.
grub2 (2.06-9) unstable; urgency=medium
[ Steve McIntyre ]
* postinst: make config_item() more robust
* Add debconf logic for GRUB_DISABLE_OS_PROBER to make it easier to
control things here. Particularly useful for the installer.
Closes: #1031594, #1012865, #1025698.
* Add luks2 to the signed grub efi images. Closes: #1001248
[ Ben Hutchings ]
* Fix probing of LUKS2 devices (Closes: #1028301):
- disk/cryptodisk: When cheatmounting, use the sector info of the cheat
device
- osdep/devmapper/getroot: Have devmapper recognize LUKS2
- osdep/devmapper/getroot: Set up cheated LUKS2 cryptodisk mount from DM
parameters
[ Emanuele Rocca ]
* Add arm64-handover-to-kernel-if-sb-enabled.patch to fix Secure Boot on
arm64 (Closes: #1033657)
[ Mattia Rizzolo ]
* Don't warn about os-prober if it's not installed. Closes: #1020769
grub2 (2.06-8.1) experimental; urgency=medium
* Non-maintainer upload.
* Fix an issue where a logical volume rename would lead grub to fail to
boot (Closes: #987008)
grub2 (2.06-8) unstable; urgency=medium
[ Steve McIntyre ]
* Fix an issue in an f2fs security fix which caused mount
failures. Closes: #1021846. Thanks to программист некто for helping
to debug the problem!
* Switch build-deps from gcc-10 to gcc-12. Closes: #1022184
* Include upstream patch to enable EFI zboot support on arm64.
Closes: #1026092
* grub-mkconfig: Restore umask for the grub.cfg. CVE-2021-3981
Closes: #1001414
* postinst: be more verbose when using grub-install to install onto
devices.
* /etc/default/grub: Fix comment about text-mode console.
Fixes #845683
* grub-install: Don't install the shim fallback program when called
with --removable. Closes: #1016737
* grub-install: Don't use our grub CD EFI image for --removable.
Closes: #1026915. Thanks to Pascal Hambourg for the patch.
* Ignore some new ext2 flags to stay compatible with latest mke2fs
defaults. Closes: #1030846
[ Colin Watson ]
* Remove myself from Uploaders.
grub2 (2.06-7) unstable; urgency=medium
[ Steve McIntyre ]
* Fix bug in core file code so errors are handled better. This makes
the fallback font-handling patch work properly.
Closes: #1025469, #1025477.
grub2 (2.06-6) unstable; urgency=medium
[ Steve McIntyre ]
* Include fonts in the memdisk build for EFI images.
Closes: #1024395, #1025352, #1024447
* Bump Debian SBAT level to 4
- Due to a mistake in the buster upload (2.06-3~deb10u2) that left
the CVE-2022-2601 bugs in place, we need to bump SBAT for all of
the Debian GRUB binaries. :-(
* Switch away from git-dpm
grub2 (2.06-5) unstable; urgency=high
[ Steve McIntyre ]
* Explicitly unset SOURCE_DATE_EPOCH before running fs tests
* Pull in upstream patches to harden font and image handling -
CVE-2022-2601, CVE-2022-3775.
* Bump SBAT level to 3 for grub-efi packages
grub2 (2.06-4) unstable; urgency=high
[ Steve McIntyre ]
* Updated the 2.06-3 changelog to mention closure of CVE-2022-28736
* Add a commented-out GRUB_DISABLE_OS_PROBER section to
/etc/default/grub to make it easier for users to turn os-prober
back on if they want it. Closes: #1013797, #1009336
* Add smbios to the signed grub efi images. Closes: #1008106
* Add serial to the signed grub efi images. Closes: #1013962
* grub2-common: Remove dependency on install-info, it's apparently
not needed. Closes: #1013698
* Don't strip Xen binaries so they work again. Closes: #1017944.
Thanks to Valentin Kleibel for the patch.
grub2 (2.06-3) unstable; urgency=medium
[ Colin Watson ]
* Update a few leftover uses of "which" to use "command -v" instead.
* Remove some old Lintian overrides.
* Trim trailing whitespace.
* debian/copyright: use spaces rather than tabs to start continuation lines.
* Add missing ${misc:Depends} to Depends for grub-efi-ia32-signed-template,
grub-efi-amd64-signed-template, grub-efi-arm64-signed-template.
* Bump debhelper from old 10 to 13.
* Set upstream metadata fields: Bug-Submit (from ./configure), Repository,
Repository-Browse.
* Drop now-unnecessary sparc PIE workaround from debian/rules (thanks,
John Paul Adrian Glaubitz; closes: #952815).
[ Debconf translations ]
* [id] Indonesian (Andika Triwidada; closes: #1007706).
[ Julian Andres Klode ]
* Add Julian Andres Klode to uploaders
* Disable building with LTO, as used in Ubuntu and possibly other
downstreams (maybe Debian one day), as that breaks the build.
* SECURITY UPDATE: Crafted PNG grayscale images may lead to out-of-bounds
write in heap.
- 0070-video-readers-png-Drop-greyscale-support-to-fix-heap.patch:
video/readers/png: Drop greyscale support to fix heap out-of-bounds write
- CVE-2021-3695
* SECURITY UPDATE: Crafted PNG image may lead to out-of-bound write during
huffman table handling.
- 0071-video-readers-png-Avoid-heap-OOB-R-W-inserting-huff-.patch:
video/readers/png: Avoid heap OOB R/W inserting huff table items
- CVE-2021-3696
* SECURITY UPDATE: Crafted JPEG image can lead to buffer underflow write in
the heap.
- 0076-video-readers-jpeg-Block-int-underflow-wild-pointer-.patch:
video/readers/jpeg: Block int underflow -> wild pointer write
- CVE-2021-3697
* SECURITY UPDATE: Integer underflow in grub_net_recv_ip4_packets
- 0079-net-ip-Do-IP-fragment-maths-safely.patch: net/ip: Do IP fragment
maths safely
- CVE-2022-28733
* SECURITY UPDATE: Out-of-bounds write when handling split HTTP headers
- 0085-net-http-Fix-OOB-write-for-split-http-headers.patch: net/http: Fix
OOB write for split http headers
- CVE-2022-28734
* SECURITY UPDATE: shim_lock verifier allows non-kernel files to be loaded
- 0066-kern-efi-sb-Reject-non-kernel-files-in-the-shim_lock.patch:
kern/efi/sb: Reject non-kernel files in the shim_lock verifier
- CVE-2022-28735
- Closes: #1001057
* SECURITY UPDATE: use-after-free in grub_cmd_chainloader()
- 0063-loader-efi-chainloader-Simplify-the-loader-state.patch:
loader/efi/chainloader: simplify the loader state
- 0064-commands-boot-Add-API-to-pass-context-to-loader.patch: commands/boot:
Add API to pass context to loader
- 0065-loader-efi-chainloader-Use-grub_loader_set_ex.patch:
loader/efi/chainloader: Use grub_loader_set_ex
- 0066-loader-i386-efi-linux-Use-grub_loader_set_ex.patch:
loader/i386/efi/linux: Use grub_loader_set_ex
- CVE-2022-28736
* Various fixes as a result of fuzzing and static analysis:
- 0067-kern-file-Do-not-leak-device_name-on-error-in-grub_f.patch:
kern/file: Do not leak device_name on error in grub_file_open()
- 0068-video-readers-png-Abort-sooner-if-a-read-operation-f.patch:
video/readers/png: Abort sooner if a read operation fails
- 0069-video-readers-png-Refuse-to-handle-multiple-image-he.patch:
video/readers/png: Refuse to handle multiple image headers
- 0072-video-readers-png-Sanity-check-some-huffman-codes.patch:
video/readers/png: Sanity check some huffman codes
- 0073-video-readers-jpeg-Abort-sooner-if-a-read-operation-.patch:
video/readers/jpeg: Abort sooner if a read operation fails
- 0074-video-readers-jpeg-Do-not-reallocate-a-given-huff-ta.patch:
video/readers/jpeg: Do not reallocate a given huff table
- 0075-video-readers-jpeg-Refuse-to-handle-multiple-start-o.patch:
video/readers/jpeg: Refuse to handle multiple start of streams
- 0077-normal-charset-Fix-array-out-of-bounds-formatting-un.patch:
normal/charset: Fix array out-of-bounds formatting unicode for display
- 0078-net-netbuff-Block-overly-large-netbuff-allocs.patch:
net/netbuff: Block overly large netbuff allocs
- 0080-net-dns-Fix-double-free-addresses-on-corrupt-DNS-res.patch:
net/dns: Fix double-free addresses on corrupt DNS response
- 0081-net-dns-Don-t-read-past-the-end-of-the-string-we-re-.patch:
net/dns: Don't read past the end of the string we're checking against
- 0082-net-tftp-Prevent-a-UAF-and-double-free-from-a-failed.patch:
net/tftp: Prevent a UAF and double-free from a failed seek
- 0083-net-tftp-Avoid-a-trivial-UAF.patch: net/tftp: Avoid a trivial UAF
- 0084-net-http-Do-not-tear-down-socket-if-it-s-already-bee.patch:
net/http: Do not tear down socket if it's already been torn down
- 0086-net-http-Error-out-on-headers-with-LF-without-CR.patch:
net/http: Error out on headers with LF without CR
- 0087-fs-f2fs-Do-not-read-past-the-end-of-nat-journal-entr.patch:
fs/f2fs: Do not read past the end of nat journal entries
- 0088-fs-f2fs-Do-not-read-past-the-end-of-nat-bitmap.patch:
fs/f2fs: Do not read past the end of nat bitmap
- 0089-fs-f2fs-Do-not-copy-file-names-that-are-too-long.patch:
fs/f2fs: Do not copy file names that are too long
- 0090-fs-btrfs-Fix-several-fuzz-issues-with-invalid-dir-it.patch:
fs/btrfs: Fix several fuzz issues with invalid dir item sizing
- 0091-fs-btrfs-Fix-more-ASAN-and-SEGV-issues-found-with-fu.patch:
fs/btrfs: Fix more ASAN and SEGV issues found with fuzzing
- 0092-fs-btrfs-Fix-more-fuzz-issues-related-to-chunks.patch:
fs/btrfs: Fix more fuzz issues related to chunks
* Bump SBAT generation:
- update debian/sbat.debian.csv.in
-- Julian Andres Klode <juliank at ubuntu.com> Fri, 28 Jul 2023 15:34:32
+0200
** Changed in: grub2 (Ubuntu)
Status: New => Fix Released
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-3695
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-3696
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-3697
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-3981
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2022-2601
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2022-28733
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2022-28734
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2022-28735
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2022-28736
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2022-3775
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to grub2 in Ubuntu.
https://bugs.launchpad.net/bugs/2008950
Title:
Missing modules on arm64 builds of monolithic grub
Status in grub2 package in Ubuntu:
Fix Released
Bug description:
Missing modules on arm64 builds of monolithic grub
Please include tpm module on all arches/builds.
Please include fdt module on arm platforms (it does nothing in
lockdown, but very useful without lockdown for local, cd, and
netboot).
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/grub2/+bug/2008950/+subscriptions
More information about the foundations-bugs
mailing list