[Bug 1996950] Re: CVE-2022-2601, CVE-2022-3775: font security fixes

Mon Jan 30 19:05:23 UTC 2023

This bug was fixed in the package grub2-signed - 1.187.2~18.04.1

---------------
grub2-signed (1.187.2~18.04.1) bionic; urgency=medium

  * Resign with 2022v1 signing key
  * [focal/bionic] remaining backport changes:
    - Bump grub2-common dependency to 2.02~beta2-36ubuntu3.33 in xenial and
      2.02-2ubuntu8.25 in bionic to fix LP #1995751

grub2-signed (1.187.1) kinetic; urgency=medium

  * Source debconf in postinst script (LP: #1997779)
  * Really rebuild against grub2 2.06-2ubuntu14 (LP: #1996950)

grub2-signed (1.187) kinetic; urgency=medium

  * Rebuild against grub2 2.06-2ubuntu14 (LP: #1996950)

 -- Julian Andres Klode <juliank at ubuntu.com>  Tue, 17 Jan 2023 15:51:22
+0100

** Changed in: grub2-signed (Ubuntu Bionic)
       Status: New => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to grub2-signed in Ubuntu.
https://bugs.launchpad.net/bugs/1996950

Title:
  CVE-2022-2601, CVE-2022-3775: font security fixes

Status in grub2-signed package in Ubuntu:
  Fix Released
Status in grub2-unsigned package in Ubuntu:
  Fix Released
Status in grub2-signed source package in Bionic:
  Fix Released
Status in grub2-unsigned source package in Bionic:
  Fix Released
Status in grub2-signed source package in Focal:
  Fix Released
Status in grub2-unsigned source package in Focal:
  Fix Released
Status in grub2-signed source package in Jammy:
  Fix Released
Status in grub2-unsigned source package in Jammy:
  Fix Released
Status in grub2-signed source package in Kinetic:
  Fix Released
Status in grub2-unsigned source package in Kinetic:
  Fix Released
Status in grub2-signed source package in Lunar:
  Fix Released
Status in grub2-unsigned source package in Lunar:
  Fix Released

Bug description:
  [Impact]
  security update staged in updates

  [Test plan]
  Boot it on multiple systems. Notably juliank will be doing semi-automated testing in QEMU that does chainbooting over network (shim->grub->shim->grub); and boots on T14 G3 AMD and an XPS 13; chrisccoulson did his own security testing before that.

  [Where problems could occur]
  Font loading is disabled, could cause rendering issues

  Unicode font stuffed in xz squashfs, could cause more memory issues
  during boot

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/grub2-signed/+bug/1996950/+subscriptions