Re: [SECURITY PATCH 000/117] Multiple GRUB2 vulnerabilities

grub-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [SECURITY PATCH 000/117] Multiple GRUB2 vulnerabilities - 2021/03/02

From:	John Paul Adrian Glaubitz
Subject:	Re: [SECURITY PATCH 000/117] Multiple GRUB2 vulnerabilities - 2021/03/02 round
Date:	Tue, 2 Mar 2021 20:37:14 +0100
User-agent:	Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Thunderbird/78.7.1

Hi Daniel!

On 3/2/21 7:00 PM, Daniel Kiper wrote:
> The BootHole vulnerability [1][2] announced last year encouraged many people 
> to
> take a closer look at the security of boot process in general and the GRUB
> bootloader in particular. Due to that, during past few months we were getting
> reports of, and also discovering various security flaws in the GRUB ourselves.
> You can find the list of most severe ones which got CVEs assigned at the end 
> of
> this message. The patch bundle fixing all these issues in the upstream GRUB
> contains 117 patches.

Huge thanks and kudos to everyone involved fixing all these vulnerabilities!

Given the amount of patches, wouldn't it make sense to push an RC candidate
for 2.06 in the near future so that distributions can start shipping the pre-
release and avoiding to carry this large amount of patches?

Thanks,
Adrian

-- 
 .''`.  John Paul Adrian Glaubitz
: :' :  Debian Developer - glaubitz@debian.org
`. `'   Freie Universitaet Berlin - glaubitz@physik.fu-berlin.de
  `-    GPG: 62FF 8A75 84E0 2956 9546  0006 7426 3B37 F5B5 F913

[Prev in Thread]

Current Thread

[Next in Thread]

Re: [SECURITY PATCH 116/117] templates: Disable the os-prober by default, (continued)
- [SECURITY PATCH 117/117] kern/mm: Fix grub_debug_calloc() compilation error, Daniel Kiper, 2021/03/02
- [SECURITY PATCH 110/117] grub-install-common: Add --sbat option, Daniel Kiper, 2021/03/02
- [SECURITY PATCH 113/117] kern/misc: Add STRING type for internal printf() format handling, Daniel Kiper, 2021/03/02
- [SECURITY PATCH 111/117] shim_lock: Only skip loading shim_lock verifier with explicit consent, Daniel Kiper, 2021/03/02
- Re: [SECURITY PATCH 000/117] Multiple GRUB2 vulnerabilities - 2021/03/02 round, John Paul Adrian Glaubitz <=
  - Re: [SECURITY PATCH 000/117] Multiple GRUB2 vulnerabilities - 2021/03/02 round, Bruce Dubbs, 2021/03/02
  - Re: [SECURITY PATCH 000/117] Multiple GRUB2 vulnerabilities - 2021/03/02 round, Daniel Kiper, 2021/03/02
    - Re: [SECURITY PATCH 000/117] Multiple GRUB2 vulnerabilities - 2021/03/02 round, Neal Gompa, 2021/03/09
    - Re: [SECURITY PATCH 000/117] Multiple GRUB2 vulnerabilities - 2021/03/02 round, Daniel Kiper, 2021/03/09
- Re: [SECURITY PATCH 000/117] Multiple GRUB2 vulnerabilities - 2021/03/02 round, Paul Menzel, 2021/03/18
  - Re: [SECURITY PATCH 000/117] Multiple GRUB2 vulnerabilities - 2021/03/02 round, Daniel Kiper, 2021/03/22

Prev by Date: [SECURITY PATCH 111/117] shim_lock: Only skip loading shim_lock verifier with explicit consent
Next by Date: Re: [SECURITY PATCH 000/117] Multiple GRUB2 vulnerabilities - 2021/03/02 round
Previous by thread: [SECURITY PATCH 111/117] shim_lock: Only skip loading shim_lock verifier with explicit consent
Next by thread: Re: [SECURITY PATCH 000/117] Multiple GRUB2 vulnerabilities - 2021/03/02 round
Index(es):
- Date
- Thread