-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Wed, 29 Jul 2020 17:58:37 +0100
Source: grub2
Architecture: source
Version: 2.04-9
Distribution: unstable
Urgency: high
Maintainer: GRUB Maintainers <pkg-grub-devel@alioth-lists.debian.net>
Changed-By: Colin Watson <cjwatson@debian.org>
Changes:
 grub2 (2.04-9) unstable; urgency=high
 .
   * Backport security patch series from upstream:
     - CVE-2020-10713: yylex: Make lexer fatal errors actually be fatal
     - safemath: Add some arithmetic primitives that check for overflow
     - calloc: Make sure we always have an overflow-checking calloc() available
     - CVE-2020-14308: calloc: Use calloc() at most places
     - CVE-2020-14309, CVE-2020-14310, CVE-2020-14311: malloc: Use overflow
       checking primitives where we do complex allocations
     - iso9660: Don't leak memory on realloc() failures
     - font: Do not load more than one NAME section
     - gfxmenu: Fix double free in load_image()
     - xnu: Fix double free in grub_xnu_devprop_add_property()
     - lzma: Make sure we don't dereference past array
     - term: Fix overflow on user inputs
     - udf: Fix memory leak
     - multiboot2: Fix memory leak if grub_create_loader_cmdline() fails
     - tftp: Do not use priority queue
     - relocator: Protect grub_relocator_alloc_chunk_addr() input args against
       integer underflow/overflow
     - relocator: Protect grub_relocator_alloc_chunk_align() max_addr against
       integer underflow
     - script: Remove unused fields from grub_script_function struct
     - CVE-2020-15706: script: Avoid a use-after-free when redefining a
       function during execution
     - relocator: Fix grub_relocator_alloc_chunk_align() top memory allocation
     - hfsplus: fix two more overflows
     - lvm: fix two more potential data-dependent alloc overflows
     - emu: make grub_free(NULL) safe
     - efi: fix some malformed device path arithmetic errors
     - Fix a regression caused by "efi: fix some malformed device path
       arithmetic errors"
     - update safemath with fallback code for gcc older than 5.1
     - efi: Fix use-after-free in halt/reboot path
     - linux loader: avoid overflow on initrd size calculation
   * CVE-2020-15707: linux: Fix integer overflows in initrd size handling
   * Apply overflow checking to allocations in Debian patches:
     - bootp: Fix integer overflow in parse_dhcp6_option
     - unix/config: Fix integer overflow in grub_util_load_config
     - deviceiter: Fix integer overflow in grub_util_iterate_devices
Checksums-Sha1:
 13ce988ec14fc49593e79cd244d78d67897ae257 7144 grub2_2.04-9.dsc
 b26ea37977da47dba853834697de1d13d9ae229c 1093828 grub2_2.04-9.debian.tar.xz
Checksums-Sha256:
 a13b289ffa70a8d0a687ca726cf86c3c94a559d1b69214f45bca9e8ad818e031 7144 grub2_2.04-9.dsc
 da668d209f7fcf3edd254e792be36d8b07086792578d77d959cf768bd8c8c41a 1093828 grub2_2.04-9.debian.tar.xz
Files:
 dab5a7656c1e8efd47f4fbce6540bd12 7144 admin optional grub2_2.04-9.dsc
 406850183fb7cc440af2a3df615e4e79 1093828 admin optional grub2_2.04-9.debian.tar.xz

-----BEGIN PGP SIGNATURE-----
-----END PGP SIGNATURE-----
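The overflow-checking arithmetic and calloc() entries above, and the initrd size summation behind CVE-2020-15707, all address one bug class: `nmemb * size` or a running total wrapping to a small value before allocation. The following is an added illustration of that pattern and its checked replacement; it is example code, not GRUB's safemath or Debian's patches, and the names `safe_mul`, `safe_add`, `would_wrap`, `checked_calloc` and `sum_sizes` are this example's own. It assumes a GCC-compatible compiler and falls back to a portable check elsewhere, as the "fallback code for gcc older than 5.1" entry describes.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Checked arithmetic in the style of the safemath helpers named in the
 * changelog (example names, not GRUB's). Each yields true when the result
 * would not fit, matching the __builtin_*_overflow convention, and a
 * portable fallback covers compilers without those builtins. */
#if defined(__GNUC__) && (__GNUC__ >= 5 || defined(__clang__))
#define safe_mul(a, b, res) __builtin_mul_overflow((a), (b), (res))
#define safe_add(a, b, res) __builtin_add_overflow((a), (b), (res))
#else
static bool safe_mul(size_t a, size_t b, size_t *res)
{ if (a != 0 && b > SIZE_MAX / a) return true; *res = a * b; return false; }
static bool safe_add(size_t a, size_t b, size_t *res)
{ if (a > SIZE_MAX - b) return true; *res = a + b; return false; }
#endif

/* The defect class behind the calloc/malloc entries: nmemb * size wraps,
 * a tiny buffer is allocated, and later writes run past it. */
static bool would_wrap(size_t nmemb, size_t size)
{
    size_t bytes;
    return safe_mul(nmemb, size, &bytes);
}

/* Overflow-checking calloc: refuse the request instead of wrapping. */
static void *checked_calloc(size_t nmemb, size_t size)
{
    size_t bytes;
    if (safe_mul(nmemb, size, &bytes))
        return NULL;            /* caller sees failure, not a short buffer */
    void *p = malloc(bytes);
    if (p)
        memset(p, 0, bytes);
    return p;
}

/* Summing several sizes (the shape of the initrd size handling fix):
 * each step is checked, so a crafted size list cannot wrap the total. */
static bool sum_sizes(const size_t *sizes, size_t n, size_t *total)
{
    size_t acc = 0;
    for (size_t i = 0; i < n; i++)
        if (safe_add(acc, sizes[i], &acc))
            return false;
    *total = acc;
    return true;
}
```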