UbuntuUpdates.org

Package "grub-efi-amd64-bin"

Name: grub-efi-amd64-bin

Description:

GRand Unified Bootloader, version 2 (EFI-AMD64 modules)

Latest version: 2.06-2ubuntu14
Release: kinetic (22.10)
Level: proposed
Repository: main
Head package: grub2-unsigned
Homepage: https://www.gnu.org/software/grub/

Links


Download "grub-efi-amd64-bin"


Other versions of "grub-efi-amd64-bin" in Kinetic

Repository Area Version
base main 2.06-2ubuntu12
PPA: Mint Upstream 2.02~beta2-36ubuntu3.9+linuxmint1
PPA: Mint Upstream 2.02~beta2-36ubuntu3.14+linuxmint1

Changelog

Version: 2.06-2ubuntu14 2023-01-13 02:52:10 UTC

  grub2-unsigned (2.06-2ubuntu14) kinetic; urgency=medium

  * SECURITY UPDATE: Fix out of bounds writes due specially crafted fonts.
    - add debian/patches/font-Fix-several-integer-overflows-in-grub_font_construct.patch
    - add debian/patches/font-Fix-an-integer-underflow-in-blit_comb.patch
    - CVE-2022-2601, CVE-2022-3775
    - LP: #1996950
  * Fix various issues as a result of fuzzing, static analysis and code
    review:
    - add debian/patches/font-Reject-glyphs-exceeds-font-max_glyph_width-or-font-m.patch
    - add debian/patches/font-Fix-size-overflow-in-grub_font_get_glyph_internal.patch
    - add debian/patchces/font-Remove-grub_font_dup_glyph.patch
    - add debian/patches/font-Fix-integer-overflow-in-ensure_comb_space.patch
    - add debian/patches/font-Fix-integer-overflow-in-BMP-index.patch
    - add debian/patches/font-Fix-integer-underflow-in-binary-search-of-char-index.patch
    - add debian/patches/fbutil-Fix-integer-overflow.patch
    - add debian/patches/font-Harden-grub_font_blit_glyph-and-grub_font_blit_glyph.patch
    - add debian/patches/font-Assign-null_font-to-glyphs-in-ascii_font_glyph.patch
    - add debian/patches/normal-charset-Fix-an-integer-overflow-in-grub_unicode_ag.patch
  * Enforce verification of fonts when secure boot is enabled:
    - add debian/patches/kern-efi-sb-Enforce-verification-of-font-files.patch
  * Bundle unicode.pf2 in a squashfs memdisk attached to the signed EFI binary
    - update debian/control
    - update debian/build-efi-image
    - add debian/patches/font-Try-opening-fonts-from-the-bundled-memdisk.patch
  * Fix LP: #1997006 - add support for performing measurements to RTMRs
    - add debian/patches/commands-efi-tpm-Refine-the-status-of-log-event.patch
    - add debian/patches/commands-efi-tpm-Use-grub_strcpy-instead-of-grub_memcpy.patch
    - add debian/patches/efi-tpm-Add-EFI_CC_MEASUREMENT_PROTOCOL-support.patch
  * Fix the squashfs tests during the build
    - remove debian/patches/ubuntu-fix-reproducible-squashfs-test.patch
    - add debian/patches/tests-Explicitly-unset-SOURCE_DATE_EPOCH-before-running-f.patch
  * Bump SBAT generation:
    - update debian/sbat.ubuntu.csv.in
  * Source package generated from src:grub2 using make -f ./debian/rules
    generate-grub2-unsigned

 -- Chris Coulson <email address hidden> Wed, 16 Nov 2022 14:40:42 +0000

1997006 grub TDX enablement
CVE-2022-2601 A buffer overflow was found in grub_font_construct_glyph(). A malicious crafted pf2 font can lead to an overflow when calculating the max_glyph_size
CVE-2022-3775 When rendering certain unicode sequences, grub2's font code doesn't proper validate if the informed glyph's width and height is constrained within bi

Version: *DELETED* 2022-12-07 03:06:43 UTC
No changelog for deleted or moved packages.

Version: 2.06-2ubuntu13 2022-11-18 23:06:22 UTC

  grub2-unsigned (2.06-2ubuntu13) kinetic; urgency=medium

  * Try to pick better locations for kernel and initrd (LP: #1989446)
  * x86-efi: Use bounce buffers for reading to addresses > 4GB (enhances
    firmware compatibility of previous change)
  * Source package generated from src:grub2 using make -f ./debian/rules
    generate-grub2-unsigned

 -- Julian Andres Klode <email address hidden> Thu, 20 Oct 2022 21:18:25 +0200

1989446 [SRU] unable to boot guest with large memory when SEV is enabled on host



About   -   Send Feedback to @ubuntu_updates