This bug was fixed in the package grub2 - 2.12~rc1-4ubuntu1 --------------- grub2 (2.12~rc1-4ubuntu1) mantic; urgency=medium * Merge from Debian unstable (LP: #2028947); remaining changes: - Add Ubuntu sbat data - build-efi-images: do not produce -installer.efi.signed. LP: 1863994 - grub-common: Install canonical-uefi-ca.crt - Check signatures - Support installing to multiple ESP (LP: 1871821) - Disable various bits on i386 - Split out unsigned artefacts into grub2-unsigned - Vcs-Git: Point to ubuntu packaging branch - Relax dependencies on grub-common and grub2-common - grub-pc: Avoid the possibility of breaking grub on SRU update due to ABI change - UBUNTU: Default timeout changes - Revert "Add jfs module to signed UEFI images. Closes: #950959" - Revert "Add f2fs module to signed UEFI images" - Install grub-initrd-fallback.service again - Build using -O1 on s390x to avoid misoptimization - grub-check-signatures: Support gzip compressed kernels (LP: #1954683) - grub-multi-install: Reset partition type between partitions (LP: #1997795) - Drop i386 from grub-efi-amd64* (LP: #2020907) - Turn depends on grub-efi-amd64/arm64 unversioned - forward port fix for LP: #1926748 - Make the grub2/no_efi_extra_removable setting work correctly - Forward port the fix for LP: #1930742 and make it conditional (xenial/bionic only) - Build grub2-unsigned packages with xz compression - Replaced patches: - installe-signed.patched - grub-install-extra-removable.patch - grub-install-removable-shim.patch - Added patches: + rhboot-f34-dont-use-int-for-efi-status.patch + rhboot-f34-make-exit-take-a-return-code.patch + suse-grub.texi-add-net_bootp6-document.patch + ubuntu-add-devicetree-command-support.patch + ubuntu-add-initrd-less-boot-fallback.patch + ubuntu-add-initrd-less-boot-messages.patch + ubuntu-boot-from-multipath-dependent-symlink.patch + ubuntu-dont-verify-loopback-images.patch + ubuntu-fix-lzma-decompressor-objcopy.patch + ubuntu-grub-install-extra-removable.patch + ubuntu-install-signed.patch + ubuntu-mkconfig-leave-breadcrumbs.patch + ubuntu-os-prober-auto.patch + ubuntu-recovery-dis_ucode_ldr.patch + ubuntu-resilient-boot-boot-order.patch + ubuntu-resilient-boot-ignore-alternative-esps.patch + ubuntu-shorter-version-info.patch + ubuntu-speed-zsys-history.patch + ubuntu-support-initrd-less-boot.patch + ubuntu-verifiers-last.patch + ubuntu-zfs-enhance-support.patch + ubuntu-zfs-gfxpayload-dynamic.patch + ubuntu-zfs-gfxpayload-keep-default.patch + ubuntu-zfs-insmod-xzio-and-lzopio-on-xen.patch + ubuntu-zfs-mkconfig-recovery-title.patch + ubuntu-zfs-mkconfig-signed-kernel.patch + ubuntu-zfs-mkconfig-ubuntu-distributor.patch + ubuntu-zfs-mkconfig-ubuntu-recovery.patch + ubuntu-zfs-vt-handoff.patch * Dropped Ubuntu changes: - All the rhboot loader patches - Temporarily, support for GRUB_FLAVOUR_ORDER - RISC-V patches, applied upstream: + efi-add-definition-of-LoadFile2-protocol.patch + efi-correct-struct-grub_efi_boot_services.patch + efi-implemented-LoadFile2-initrd-loading-protocol-fo.patch + efi-implement-grub_efi_run_image.patch + RISC-V-Update-image-header.patch + RISC-V-Use-common-linux-loader.patch + riscv-adjust-march-flags-for-binutils-2.38.patch + upstream/riscv-handle-r-riscv-call-plt-reloc.patch + loader-drop-argv-argument-in-grub_initrd_load.patch + loader-Move-arm64-linux-loader-to-common-code.patch - Networking patches (rebasing still WIP): + cherrypick-efi-grub_efi_close_protocol.patch + cherrypick-efinet-correct-closing-snp-protocol.patch + efinet-uefi-ipv6-pxe-support.patch + suse-add-support-for-UEFI-network-protocols.patch + suse-AUDIT-0-http-boot-tracker-bug.patch - Red Hat boot loader, replaced by upstream: + linuxefi-do-not-validate-kernels-twice.patch + linuxefi-Invalidate-i-cache-before-starting-the-kern.patch + rhboot-bounce-buffers.patch + rhboot-efi-allocate-in-kernel-bounds.patch + rhboot-efi-allocate-kernel-as-code-for-real.patch + rhboot-efi-allocate-kernel-as-code.patch + rhboot-efi-enumerated-array-for-allocation-choice.patch + rhboot-efi-fix-incorrect-array-size.patch + rhboot-efi-initrd-above-4gb.patch + rhboot-efi-kernel-allocator.patch + rhboot-efi-rearrange-grub-cmd-linux.patch + rhboot-efi-split-allocation-policy.patch + rhboot-f34-efinet-also-use-the-firmware-acceleration-for-http.patch + rhboot-f34-make-pmtimer-tsc-calibration-fast.patch + rhboot-try-to-pick-better-locations-for-kernel-and-initrd.patch + ubuntu-linuxefi-arm64.patch + ubuntu-linuxefi-arm64-set-base-addr.patch + ubuntu-linuxefi.patch + ubuntu-rhboot-cast-fixups.patch + ubuntu-efi-allow-loopmount-chainload.patch + ubuntu-efi-loader-code.patch - Security patches, applied upstream: + {0076...0161} security patches, applied upstream + font-*.patchi - security patches applied upstream + commands-efi-tpm-Use-grub_strcpy-instead-of-grub_memcpy.patch + fbutil-Fix-integer-overflow.patch + kern-efi-sb-Enforce-verification-of-font-files.patch + normal-charset-Fix-an-integer-overflow-in-grub_unicode_ag.patch - Misc patches, merged in Debian: + efi-EFI-Device-Tree-Fixup-Protocol.patch + efivar-check-that-efivarfs-is-writeable.patch + fat-fix-listing-the-root-directory.patch + fdt-add-debug-output-to-devicetree-command.patch + zstd-require-8-byte-buffer.patch + 0241-Call-hwmatch-only-on-the-grub-pc-platform.patch - Misc patches applied upstream: + 2.12-mm/* - applied upstream + ubuntu-fuse3.patch + xfs-fix-v4-superblock.patch + tpm-unknown-error-non-fatal.patch + commands-efi-tpm-Refine-the-status-of-log-event.patch + efi-tpm-Add-EFI_CC_MEASUREMENT_PROTOCOL-support.patch + linux_xen-Properly-load-multiple-initrd-files.patch + linux_xen-Properly-order-multiple-initrd-files.patch + linux-ignore-FDT-unless-we-need-to-modify-it.patch + mkrescue-efi-modules.patch + tests-ahci-update-qemu-device-name.patch - No longer relevant: + ubuntu-disable-LOAD-FILE2-protocol-for-initrd-on-ARM.patch + ubuntu-temp-keep-auto-nvram.patch: was temporary in 2019 lol + ubuntu-skip-disk-by-id-lvm-pvm-uuid-entries.patch + no-devicetree-if-secure-boot.patch + no-insmod-on-sb.patch - To be rewritten later in this cycle: + ubuntu-flavour-order.patch - Coalesced into some other patches: + ubuntu-zfs-maybe-quiet.patch + ubuntu-zfs-quick-boot.patch grub2 (2.12~rc1-4) experimental; urgency=medium [ Julian Andres Klode ] * Fix quiet boot feature * Drop fs-tester-time-fail.patch, upstream * postinst: look at /boot/grub/$target/core.efi to determine if we ran already * Cherry-pick additional Ubuntu patches - zstd-require-8-byte-buffer.patch: Fix for buffer size in zstd - recovery-dis_ucode_ldr.patch: Pass dis_ucode_ldr to kernel for recovery mode - hwmatch-only-on-grub-pc-platform.patch: Only call hwmatch on grub-pc (Closes: #990836) - fdt-add-debug-output-to-devicetree-command.patch: Debugging output for the devicetree command - fdt-device-tree-fixup-protocol.patch: Support for u-boot device tree fixup protocol - fat-fix-listing-the-root-directory.patch: Fix listing of files with 0 timestamps in FAT - efivar-check-that-efivarfs-is-writeable.patch: Do not hard error if we cannot write the EFI variables. Some implementations, like u-boot do not support writing them. * Only build peimage on supported architectures * debian/po: Refresh templates [ Felix Zielcke ] * Update mkconfig-ubuntu-recovery.patch to respect GRUB_CMDLINE_LINUX_RECOVERY from /etc/default/grub. (Closes: #766530, #922425) * Strip grub-emu binary. grub2 (2.12~rc1-3) experimental; urgency=medium * Build peimage as a module and insert into signed images * peimage: Copy the image header and ensure it's not clobbered * Drop grub.cfg-400.patch, world-readable boot config violates several guidelines unfortunately * Drop mkconfig-other-inits.patch (alternative init boot options) * Order patches not used by Ubuntu last to simplify maintenance * Drop mkconfig-signed-kernel.patch, .signed kernels are no longer used grub2 (2.12~rc1-2) experimental; urgency=medium [ Julian Andres Klode ] * Build-Depend on libsdl2-dev instead of libsdl1.2-dev (Closes: #1038035) * Link peimage into arm_efi target, fixes armhf/armel FTBFS * peimage: Add chainloader support [ Heinrich Schuchardt ] * Enable building for RISC-V (LP: #1876620) (Closes: #995718) grub2 (2.12~rc1-1) experimental; urgency=medium [ Julian Andres Klode ] * New upstream version, 2.12~rc1 * build-efi-images: Drop linuxefi, using new loaders now * Do not try to install gmodule.pl, it was rewritten in Python * Rebase patches - Temporarily drop -dpkg-version-comparison.patch, needs to be adjusted for switch from comparison to sort -V - Drop -linuxefi.patch, fix-lockdown.patch, arm64-handover-to-kernel-if-sb-enabled.patch; we will be using the upstream loader now, with an additional compat layer for shim tbd - Apply new network patch set from mailing list (no additional patches yet) - Drop ton of patches applied upstream * Implement an alternative approach to secure boot, using the upstream EFI loader, and temporarily emulating load_image() and friends using Ubuntu's peimage file while a image protocol is being added to shim. * Build-Depend on gawk, it fails to compile with mawk * Fix lzo test and xfail tests requiring root * Fix lintian overrides * Add grub,debian13,1 and grub.peimage,1 SBAT levels, this allows individually revoking the parts affecting only trixie or the new shared peimage loader. [ Dimitri John Ledkov ] * Include fdt modules in arm64 EFI images, tpm in all archs (LP: #2008950) grub2 (2.06-14) experimental; urgency=medium [ Julian Andres Klode ] * "Upstreaming" Ubuntu changes, part 1. * Fixup filename for debian/patches/gcc12_build_dangling_pointer.patch * Disable os-prober for ppc64el on the PowerNV platform (for Petitboot) * Build with FUSE3 (LP: #1935659) * build-efi-images: Add http to netboot images * Bundle unicode.pf2 in a squashfs memdisk attached to the signed EFI binary * Automatic patch queue rebase [ Dimitri John Ledkov ] * minilzo: built using the distribution's minilzo * dirs.in: create var/lib/grub/ucf in grub-efi-amd64 (and similar) * grub-common.service: port init.d script to systemd unit. Add warning message, when initrdless boot fails triggering fallback. LP: #1901553 * Make prebuilt netboot image look for grub.cfg-$deb_arch * Link grub-efi-{amd64,arm64}-bin docs directory [ Jeffery To ] * Add hibernation resumption support to grub-common.service grub2 (2.06-13) unstable; urgency=medium [ Steve McIntyre ] * When *also* installing to the removable media path, include the relevant mokmanager binary. Closes: #1034409 [ General Chaos ] * Allow initrd to contain spaces. Closes: #838177, #820838. [ Translators ] * Update lots of translations of debconf templates, thanks to the following: + Welsh (Dafydd Tomos) + German (Helge Kreutzmann). Closes: #1034850 + Croatian (Tomislav Krznar) + Greek (Emmanuel Galatoulas) + Esperanto (Felipe Castro) + French (Baptiste Jammet). Closes: #1035761 + Italian (Luca Monducci). Closes: #1034825 + Kazakh (Baurzhan Muftakhidinov) + Korean (Changwoo Ryu). Closes: #1034868 + Latvian (Rudolfs Mazurs) + Dutch (Frans Spiesschaert). Closes: #1035399 + Norwegian Bokmål (Petter Reinholdtsen, Sverre Vaabenoe) + Brazilian Portuguese (Adriano Rafael Gomes). Closes: #1035905 + Romanian (Remus-Gabriel Chelu) + Russian (Yuri Kozlov). Closes: #1035294 + Turkish (Atila KOÇ). Closes: #1035846 + Swedish (Luna Jernberg) grub2 (2.06-12) unstable; urgency=medium * Fix up arm64 SB patch to fix build failure on 32-bit arm systems grub2 (2.06-11) unstable; urgency=medium * And try again... :-/ grub2 (2.06-10) unstable; urgency=medium * Fix 32-bit build with the osdep/devmapper/getroot patches. grub2 (2.06-9) unstable; urgency=medium [ Steve McIntyre ] * postinst: make config_item() more robust * Add debconf logic for GRUB_DISABLE_OS_PROBER to make it easier to control things here. Particularly useful for the installer. Closes: #1031594, #1012865, #1025698. * Add luks2 to the signed grub efi images. Closes: #1001248 [ Ben Hutchings ] * Fix probing of LUKS2 devices (Closes: #1028301): - disk/cryptodisk: When cheatmounting, use the sector info of the cheat device - osdep/devmapper/getroot: Have devmapper recognize LUKS2 - osdep/devmapper/getroot: Set up cheated LUKS2 cryptodisk mount from DM parameters [ Emanuele Rocca ] * Add arm64-handover-to-kernel-if-sb-enabled.patch to fix Secure Boot on arm64 (Closes: #1033657) [ Mattia Rizzolo ] * Don't warn about os-prober if it's not installed. Closes: #1020769 grub2 (2.06-8.1) experimental; urgency=medium * Non-maintainer upload. * Fix an issue where a logical volume rename would lead grub to fail to boot (Closes: #987008) grub2 (2.06-8) unstable; urgency=medium [ Steve McIntyre ] * Fix an issue in an f2fs security fix which caused mount failures. Closes: #1021846. Thanks to программист некто for helping to debug the problem! * Switch build-deps from gcc-10 to gcc-12. Closes: #1022184 * Include upstream patch to enable EFI zboot support on arm64. Closes: #1026092 * grub-mkconfig: Restore umask for the grub.cfg. CVE-2021-3981 Closes: #1001414 * postinst: be more verbose when using grub-install to install onto devices. * /etc/default/grub: Fix comment about text-mode console. Fixes #845683 * grub-install: Don't install the shim fallback program when called with --removable. Closes: #1016737 * grub-install: Don't use our grub CD EFI image for --removable. Closes: #1026915. Thanks to Pascal Hambourg for the patch. * Ignore some new ext2 flags to stay compatible with latest mke2fs defaults. Closes: #1030846 [ Colin Watson ] * Remove myself from Uploaders. grub2 (2.06-7) unstable; urgency=medium [ Steve McIntyre ] * Fix bug in core file code so errors are handled better. This makes the fallback font-handling patch work properly. Closes: #1025469, #1025477. grub2 (2.06-6) unstable; urgency=medium [ Steve McIntyre ] * Include fonts in the memdisk build for EFI images. Closes: #1024395, #1025352, #1024447 * Bump Debian SBAT level to 4 - Due to a mistake in the buster upload (2.06-3~deb10u2) that left the CVE-2022-2601 bugs in place, we need to bump SBAT for all of the Debian GRUB binaries. :-( * Switch away from git-dpm grub2 (2.06-5) unstable; urgency=high [ Steve McIntyre ] * Explicitly unset SOURCE_DATE_EPOCH before running fs tests * Pull in upstream patches to harden font and image handling - CVE-2022-2601, CVE-2022-3775. * Bump SBAT level to 3 for grub-efi packages grub2 (2.06-4) unstable; urgency=high [ Steve McIntyre ] * Updated the 2.06-3 changelog to mention closure of CVE-2022-28736 * Add a commented-out GRUB_DISABLE_OS_PROBER section to /etc/default/grub to make it easier for users to turn os-prober back on if they want it. Closes: #1013797, #1009336 * Add smbios to the signed grub efi images. Closes: #1008106 * Add serial to the signed grub efi images. Closes: #1013962 * grub2-common: Remove dependency on install-info, it's apparently not needed. Closes: #1013698 * Don't strip Xen binaries so they work again. Closes: #1017944. Thanks to Valentin Kleibel for the patch. grub2 (2.06-3) unstable; urgency=medium [ Colin Watson ] * Update a few leftover uses of "which" to use "command -v" instead. * Remove some old Lintian overrides. * Trim trailing whitespace. * debian/copyright: use spaces rather than tabs to start continuation lines. * Add missing ${misc:Depends} to Depends for grub-efi-ia32-signed-template, grub-efi-amd64-signed-template, grub-efi-arm64-signed-template. * Bump debhelper from old 10 to 13. * Set upstream metadata fields: Bug-Submit (from ./configure), Repository, Repository-Browse. * Drop now-unnecessary sparc PIE workaround from debian/rules (thanks, John Paul Adrian Glaubitz; closes: #952815). [ Debconf translations ] * [id] Indonesian (Andika Triwidada; closes: #1007706). [ Julian Andres Klode ] * Add Julian Andres Klode to uploaders * Disable building with LTO, as used in Ubuntu and possibly other downstreams (maybe Debian one day), as that breaks the build. * SECURITY UPDATE: Crafted PNG grayscale images may lead to out-of-bounds write in heap. - 0070-video-readers-png-Drop-greyscale-support-to-fix-heap.patch: video/readers/png: Drop greyscale support to fix heap out-of-bounds write - CVE-2021-3695 * SECURITY UPDATE: Crafted PNG image may lead to out-of-bound write during huffman table handling. - 0071-video-readers-png-Avoid-heap-OOB-R-W-inserting-huff-.patch: video/readers/png: Avoid heap OOB R/W inserting huff table items - CVE-2021-3696 * SECURITY UPDATE: Crafted JPEG image can lead to buffer underflow write in the heap. - 0076-video-readers-jpeg-Block-int-underflow-wild-pointer-.patch: video/readers/jpeg: Block int underflow -> wild pointer write - CVE-2021-3697 * SECURITY UPDATE: Integer underflow in grub_net_recv_ip4_packets - 0079-net-ip-Do-IP-fragment-maths-safely.patch: net/ip: Do IP fragment maths safely - CVE-2022-28733 * SECURITY UPDATE: Out-of-bounds write when handling split HTTP headers - 0085-net-http-Fix-OOB-write-for-split-http-headers.patch: net/http: Fix OOB write for split http headers - CVE-2022-28734 * SECURITY UPDATE: shim_lock verifier allows non-kernel files to be loaded - 0066-kern-efi-sb-Reject-non-kernel-files-in-the-shim_lock.patch: kern/efi/sb: Reject non-kernel files in the shim_lock verifier - CVE-2022-28735 - Closes: #1001057 * SECURITY UPDATE: use-after-free in grub_cmd_chainloader() - 0063-loader-efi-chainloader-Simplify-the-loader-state.patch: loader/efi/chainloader: simplify the loader state - 0064-commands-boot-Add-API-to-pass-context-to-loader.patch: commands/boot: Add API to pass context to loader - 0065-loader-efi-chainloader-Use-grub_loader_set_ex.patch: loader/efi/chainloader: Use grub_loader_set_ex - 0066-loader-i386-efi-linux-Use-grub_loader_set_ex.patch: loader/i386/efi/linux: Use grub_loader_set_ex - CVE-2022-28736 * Various fixes as a result of fuzzing and static analysis: - 0067-kern-file-Do-not-leak-device_name-on-error-in-grub_f.patch: kern/file: Do not leak device_name on error in grub_file_open() - 0068-video-readers-png-Abort-sooner-if-a-read-operation-f.patch: video/readers/png: Abort sooner if a read operation fails - 0069-video-readers-png-Refuse-to-handle-multiple-image-he.patch: video/readers/png: Refuse to handle multiple image headers - 0072-video-readers-png-Sanity-check-some-huffman-codes.patch: video/readers/png: Sanity check some huffman codes - 0073-video-readers-jpeg-Abort-sooner-if-a-read-operation-.patch: video/readers/jpeg: Abort sooner if a read operation fails - 0074-video-readers-jpeg-Do-not-reallocate-a-given-huff-ta.patch: video/readers/jpeg: Do not reallocate a given huff table - 0075-video-readers-jpeg-Refuse-to-handle-multiple-start-o.patch: video/readers/jpeg: Refuse to handle multiple start of streams - 0077-normal-charset-Fix-array-out-of-bounds-formatting-un.patch: normal/charset: Fix array out-of-bounds formatting unicode for display - 0078-net-netbuff-Block-overly-large-netbuff-allocs.patch: net/netbuff: Block overly large netbuff allocs - 0080-net-dns-Fix-double-free-addresses-on-corrupt-DNS-res.patch: net/dns: Fix double-free addresses on corrupt DNS response - 0081-net-dns-Don-t-read-past-the-end-of-the-string-we-re-.patch: net/dns: Don't read past the end of the string we're checking against - 0082-net-tftp-Prevent-a-UAF-and-double-free-from-a-failed.patch: net/tftp: Prevent a UAF and double-free from a failed seek - 0083-net-tftp-Avoid-a-trivial-UAF.patch: net/tftp: Avoid a trivial UAF - 0084-net-http-Do-not-tear-down-socket-if-it-s-already-bee.patch: net/http: Do not tear down socket if it's already been torn down - 0086-net-http-Error-out-on-headers-with-LF-without-CR.patch: net/http: Error out on headers with LF without CR - 0087-fs-f2fs-Do-not-read-past-the-end-of-nat-journal-entr.patch: fs/f2fs: Do not read past the end of nat journal entries - 0088-fs-f2fs-Do-not-read-past-the-end-of-nat-bitmap.patch: fs/f2fs: Do not read past the end of nat bitmap - 0089-fs-f2fs-Do-not-copy-file-names-that-are-too-long.patch: fs/f2fs: Do not copy file names that are too long - 0090-fs-btrfs-Fix-several-fuzz-issues-with-invalid-dir-it.patch: fs/btrfs: Fix several fuzz issues with invalid dir item sizing - 0091-fs-btrfs-Fix-more-ASAN-and-SEGV-issues-found-with-fu.patch: fs/btrfs: Fix more ASAN and SEGV issues found with fuzzing - 0092-fs-btrfs-Fix-more-fuzz-issues-related-to-chunks.patch: fs/btrfs: Fix more fuzz issues related to chunks * Bump SBAT generation: - update debian/sbat.debian.csv.in -- Julian Andres Klode