-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Mon, 01 Mar 2021 22:50:45 +0000 Source: grub2 Architecture: source Version: 2.02+dfsg1-20+deb10u4 Distribution: buster-security Urgency: high Maintainer: GRUB Maintainers <pkg-grub-devel@alioth-lists.debian.net> Changed-By: Colin Watson <cjwatson@debian.org> Changes: grub2 (2.02+dfsg1-20+deb10u4) buster-security; urgency=high . * Fix broken advice in message when the postinst has to bail out (thanks to Daniel Leidert for pointing out the problem). * Backport security patch series from upstream: - kern: Add lockdown support - kern/lockdown: Set a variable if the GRUB is locked down - efi: Lockdown the GRUB when the UEFI Secure Boot is enabled - efi: Use grub_is_lockdown() instead of hardcoding a disabled modules list - CVE-2020-14372: acpi: Don't register the acpi command when locked down - CVE-2020-27779: mmap: Don't register cutmem and badram commands when lockdown is enforced - commands: Restrict commands that can load BIOS or DT blobs when locked down - commands/setpci: Restrict setpci command when locked down - commands/hdparm: Restrict hdparm command when locked down - gdb: Restrict GDB access when locked down - loader/xnu: Don't allow loading extension and packages when locked down - docs: Document the cutmem command - CVE-2020-25632: dl: Only allow unloading modules that are not dependencies - CVE-2020-25647: usb: Avoid possible out-of-bound accesses caused by malicious devices - mmap: Fix memory leak when iterating over mapped memory - net/net: Fix possible dereference to of a NULL pointer - net/tftp: Fix dangling memory pointer - kern/parser: Fix resource leak if argc == 0 - kern/efi: Fix memory leak on failure - kern/efi/mm: Fix possible NULL pointer dereference - gnulib/regexec: Resolve unused variable - gnulib/regcomp: Fix uninitialized token structure - gnulib/argp-help: Fix dereference of a possibly NULL state - gnulib/regexec: Fix possible null-dereference - gnulib/regcomp: Fix uninitialized re_token - io/lzopio: Resolve unnecessary self-assignment errors - kern/partition: Check for NULL before dereferencing input string - disk/ldm: Make sure comp data is freed before exiting from make_vg() - disk/ldm: If failed then free vg variable too - disk/ldm: Fix memory leak on uninserted lv references - disk/cryptodisk: Fix potential integer overflow - hfsplus: Check that the volume name length is valid - zfs: Fix possible negative shift operation - zfs: Fix resource leaks while constructing path - zfs: Fix possible integer overflows - zfsinfo: Correct a check for error allocating memory - affs: Fix memory leaks - libgcrypt/mpi: Fix possible unintended sign extension - libgcrypt/mpi: Fix possible NULL dereference - syslinux: Fix memory leak while parsing - normal/completion: Fix leaking of memory when processing a completion - commands/hashsum: Fix a memory leak - video/efi_gop: Remove unnecessary return value of grub_video_gop_fill_mode_info() - video/fb/fbfill: Fix potential integer overflow - video/fb/video_fb: Fix multiple integer overflows - video/fb/video_fb: Fix possible integer overflow - video/readers/jpeg: Test for an invalid next marker reference from a jpeg file - gfxmenu/gui_list: Remove code that coverity is flagging as dead - loader/bsd: Check for NULL arg up-front - loader/xnu: Fix memory leak - loader/xnu: Free driverkey data when an error is detected in grub_xnu_writetree_toheap() - loader/xnu: Check if pointer is NULL before using it - util/grub-install: Fix NULL pointer dereferences - util/grub-editenv: Fix incorrect casting of a signed value - util/glue-efi: Fix incorrect use of a possibly negative value - script/execute: Fix NULL dereference in grub_script_execute_cmdline() - commands/ls: Require device_name is not NULL before printing - script/execute: Avoid crash when using "$#" outside a function scope - CVE-2021-20225: lib/arg: Block repeated short options that require an argument - script/execute: Don't crash on a "for" loop with no items - CVE-2021-20233: commands/menuentry: Fix quoting in setparams_prefix() - kern/misc: Always set *end in grub_strtoull() - video/readers/jpeg: Catch files with unsupported quantization or Huffman tables - video/readers/jpeg: Catch OOB reads/writes in grub_jpeg_decode_du() - video/readers/jpeg: Don't decode data before start of stream - term/gfxterm: Don't set up a font with glyphs that are too big - fs/fshelp: Catch impermissibly large block sizes in read helper - fs/hfsplus: Don't fetch a key beyond the end of the node - fs/hfsplus: Don't use uninitialized data on corrupt filesystems - fs/hfs: Disable under lockdown - fs/sfs: Fix over-read of root object name - fs/jfs: Do not move to leaf level if name length is negative - fs/jfs: Limit the extents that getblk() can consider - fs/jfs: Catch infinite recursion - fs/nilfs2: Reject too-large keys - fs/nilfs2: Don't search children if provided number is too large - fs/nilfs2: Properly bail on errors in grub_nilfs2_btree_node_lookup() - io/gzio: Bail if gzio->tl/td is NULL - io/gzio: Add init_dynamic_block() clean up if unpacking codes fails - io/gzio: Catch missing values in huft_build() and bail - io/gzio: Zero gzio->tl/td in init_dynamic_block() if huft_build() fails - disk/lvm: Don't go beyond the end of the data we read from disk - disk/lvm: Don't blast past the end of the circular metadata buffer - disk/lvm: Bail on missing PV list - disk/lvm: Do not crash if an expected string is not found - disk/lvm: Do not overread metadata - disk/lvm: Sanitize rlocn->offset to prevent wild read - disk/lvm: Do not allow a LV to be it's own segment's node's LV - kern/parser: Fix a memory leak - kern/parser: Introduce process_char() helper - kern/parser: Introduce terminate_arg() helper - kern/parser: Refactor grub_parser_split_cmdline() cleanup - kern/buffer: Add variable sized heap buffer - CVE-2020-27749: kern/parser: Fix a stack buffer overflow - kern/efi: Add initial stack protector implementation - util/mkimage: Remove unused code to add BSS section - util/mkimage: Use grub_host_to_target32() instead of grub_cpu_to_le32() - util/mkimage: Always use grub_host_to_target32() to initialize PE stack and heap stuff - util/mkimage: Unify more of the PE32 and PE32+ header set-up - util/mkimage: Reorder PE optional header fields set-up - util/mkimage: Improve data_size value calculation - util/mkimage: Refactor section setup to use a helper - util/mkimage: Add an option to import SBAT metadata into a .sbat section - grub-install-common: Add --sbat option - kern/misc: Split parse_printf_args() into format parsing and va_list handling - kern/misc: Add STRING type for internal printf() format handling - kern/misc: Add function to check printf() format against expected format - gfxmenu/gui: Check printf() format in the gui_progress_bar and gui_label - kern/mm: Fix grub_debug_calloc() compilation error * Add SBAT section (thanks, Chris Coulson). Checksums-Sha1: 11142a84a3ebd771bcb7e478b867138d91f40d97 6885 grub2_2.02+dfsg1-20+deb10u4.dsc 38c0c2311788241927615993cf5c01777967da8b 1232364 grub2_2.02+dfsg1-20+deb10u4.debian.tar.xz f334e58f7fc23a9d3c5171a9bf6cf69f18000260 11116 grub2_2.02+dfsg1-20+deb10u4_source.buildinfo Checksums-Sha256: 53331b5e85d6d9ae1683432d196eb31aa47f6711065271b677257d66111eed37 6885 grub2_2.02+dfsg1-20+deb10u4.dsc a848eff90d7209500b965541026efe7e113e550cd2d6d42721c01ac962590e05 1232364 grub2_2.02+dfsg1-20+deb10u4.debian.tar.xz 6acbe0d662b9fdff19f2359d3065920e11a1983446ec3b5b7ea7a32dff5271fe 11116 grub2_2.02+dfsg1-20+deb10u4_source.buildinfo Files: 77f2db45caf2955f595c6623b802677a 6885 admin optional grub2_2.02+dfsg1-20+deb10u4.dsc 74afc7a61f46d8ff3d57891ff3a63277 1232364 admin optional grub2_2.02+dfsg1-20+deb10u4.debian.tar.xz 0f91deff5203d06f825225b7043d341c 11116 admin optional grub2_2.02+dfsg1-20+deb10u4_source.buildinfo -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEErApP8SYRtvzPAcEROTWH2X2GUAsFAmA+D74ACgkQOTWH2X2G UAtrQQ/7BS3x5ts+UcZe83v+pM2IDLG/z9maz9m1JQyhN6eQ4vmafiVtGPYl1xll 0sYN/XNvngU7rVBV3s5NksoDpGcqUUkW15E0hRyWchHP6tAfREQVL2MQpsR7e0xZ G7grN5Mm8WGYKWZPUT3QvE3mVOeoKn8jYuMN24VvUYDkxycxwcSLHT9gaGHya8fw p9aqtMCfBMLzkUXwe8qlebou4S+F5FRDnJJFGNbqyDNkqBwcLfoVIjYQRaqr5g1B u84LHE7GHz5naJyhoaI3SB8vRxlprhX74/Qckk+Dt//9h7lNwxG853U3r3Lt9nBR WT96ZYRhT9pGPjtb3zmqT0LDIMyuapB3lMgj9bKvaY/Mr0aokeNxfD9bAUFV/YAt jq/YaIo9humotK0fsdmXCnqH+Joy/b7iyMpuJ+PfVaE3oKqg+WjKv9A/XC0dbXYh C/18m52FwmC2CmSYcOt4kEES2pCQQuh6we79lQ/FyYyf3Cuj2CKZYsQzyGJwg+wB 20OMsRSJ5FKLAuDyQDxv+lPBue5barxmlDnjZKmB202RK9t0TWRq4NdfAQj0BV9s M3hrEHO/mPqAkDETk0QjuJA0hwsuyAOJpgDi7efL+kK0GfnL2lXlTk8K7ZFAUlM5 KdyyfqOUMJhnI/WEENXelnFobQv1CZkHlrvuo4dW17uxi4IZeoo= =CObS -----END PGP SIGNATURE-----