Accepted grub2 2.06-3~deb11u6 (source) into oldstable-proposed-updates
- To: debian-changes@lists.debian.org
- Subject: Accepted grub2 2.06-3~deb11u6 (source) into oldstable-proposed-updates
- From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
- Date: Tue, 10 Oct 2023 20:47:39 +0000
- Debian: DAK
- Debian-architecture: source
- Debian-archive-action: accept
- Debian-changes: grub2_2.06-3~deb11u6_source.changes
- Debian-source: grub2
- Debian-suite: oldstable-proposed-updates
- Debian-version: 2.06-3~deb11u6
- Mail-followup-to: debian-devel@lists.debian.org
- Message-id: <E1qqJdj-00CY6m-Q6@fasolo.debian.org>
- Reply-to: debian-devel@lists.debian.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Mon, 02 Oct 2023 16:11:34 +0200
Source: grub2
Architecture: source
Version: 2.06-3~deb11u6
Distribution: bullseye-security
Urgency: medium
Maintainer: GRUB Maintainers <pkg-grub-devel@alioth-lists.debian.net>
Changed-By: Julian Andres Klode <jak@debian.org>
Changes:
 grub2 (2.06-3~deb11u6) bullseye-security; urgency=medium
 .
   [ Mate Kukri ]
   * SECURITY UPDATE: Crafted file system images can cause out-of-bounds write
     and may leak sensitive information into the GRUB pager.
     - d/patches/ntfs-cve-fixes/fs-ntfs-Fix-an-OOB-read-when-parsing-a-volume-label.patch:
       fs/ntfs: Fix an OOB read when parsing a volume label
     - d/patches/ntfs-cve-fixes/fs-ntfs-Fix-an-OOB-read-when-parsing-bs-for-index-at.patch:
       fs/ntfs: Fix an OOB read when parsing bitmaps for index attributes
     - d/patches/ntfs-cve-fixes/fs-ntfs-Fix-an-OOB-read-when-parsing-dory-entries-fr.patch:
       fs/ntfs: Fix an OOB read when parsing directory entries from resident and
       non-resident index attributes
     - d/patches/ntfs-cve-fixes/fs-ntfs-Fix-an-OOB-read-when-reading-data-fhe-reside.patch:
       fs/ntfs: Fix an OOB read when reading data from the resident $DATA +
       attribute
     - CVE-2023-4693
   * SECURITY UPDATE: Crafted file system images can cause heap-based buffer
     overflow and may allow arbitrary code execution and secure boot bypass.
     - d/patches/ntfs-cve-fixes/fs-ntfs-Fix-an-OOB-write-when-parsing-the-ATTRIBUTE_LIST-.patch:
       fs/ntfs: Fix an OOB write when parsing the $ATTRIBUTE_LIST attribute for
       the $MFT file
     - d/patches/ntfs-cve-fixes/fs-ntfs-Make-code-more-readable.patch
       fs/ntfs: Make code more readable
     - CVE-2023-4692
 .
   [ Julian Andres Klode ]
   * Bump SBAT to grub,4
Checksums-Sha1:
a5ef359c99c2ad7bd5dd5fb175e5b490b2764bf8 7121 grub2_2.06-3~deb11u6.dsc
f12b176bb663cf9a21542b67aacfac1c6e688346 1097416 grub2_2.06-3~deb11u6.debian.tar.xz
85004465edb866ece389f4f25f3b5694a3a3c45c 13925 grub2_2.06-3~deb11u6_source.buildinfo
Checksums-Sha256:
e9a553c4f8a84d6b5a315ce55e2c0e0d7290af17a6039cf23b80b7788c3eb969 7121 grub2_2.06-3~deb11u6.dsc
a3a619332acd5d996d89c73c7a6ad8bfbde3f3ecf55e8c7e358b2db7646eb108 1097416 grub2_2.06-3~deb11u6.debian.tar.xz
64bfe457c79700d7a6391d8c7101539f338b7e08110edcecce21b9ed9ae2709e 13925 grub2_2.06-3~deb11u6_source.buildinfo
Files:
714ceac7d1c623ba3442b28ca408d39f 7121 admin optional grub2_2.06-3~deb11u6.dsc
cf1ebc72e0c5b225cb6915c9618a5990 1097416 admin optional grub2_2.06-3~deb11u6.debian.tar.xz
46e3b4d76aa25be157c9f7fc19eba24e 13925 admin optional grub2_2.06-3~deb11u6_source.buildinfo
-----BEGIN PGP SIGNATURE-----
-----END PGP SIGNATURE-----