Format: 1.8
Date: Mon, 02 Oct 2023 16:11:34 +0200
Source: grub2
Architecture: source
Version: 2.06-13+deb12u1
Distribution: bookworm-security
Urgency: medium
Maintainer: GRUB Maintainers <pkg-grub-devel@alioth-lists.debian.net>
Changed-By: Julian Andres Klode <jak@debian.org>
Changes:
 grub2 (2.06-13+deb12u1) bookworm-security; urgency=medium
 .
   [ Mate Kukri ]
   * SECURITY UPDATE: Crafted file system images can cause out-of-bounds write
     and may leak sensitive information into the GRUB pager.
     - d/patches/ntfs-cve-fixes/fs-ntfs-Fix-an-OOB-read-when-parsing-a-volume-
       label.patch:
       fs/ntfs: Fix an OOB read when parsing a volume label
     - d/patches/ntfs-cve-fixes/fs-ntfs-Fix-an-OOB-read-when-parsing-bs-for-
       index-at.patch:
       fs/ntfs: Fix an OOB read when parsing bitmaps for index attributes
     - d/patches/ntfs-cve-fixes/fs-ntfs-Fix-an-OOB-read-when-parsing-dory-
       entries-fr.patch:
       fs/ntfs: Fix an OOB read when parsing directory entries from resident
       and non-resident index attributes
     - d/patches/ntfs-cve-fixes/fs-ntfs-Fix-an-OOB-read-when-reading-data-fhe-
       reside.patch:
       fs/ntfs: Fix an OOB read when reading data from the resident $DATA
       attribute
     - CVE-2023-4693
   * SECURITY UPDATE: Crafted file system images can cause heap-based buffer
     overflow and may allow arbitrary code execution and secure boot bypass.
     - d/patches/ntfs-cve-fixes/fs-ntfs-Fix-an-OOB-write-when-parsing-the-
       ATTRIBUTE_LIST-.patch:
       fs/ntfs: Fix an OOB write when parsing the $ATTRIBUTE_LIST attribute
       for the $MFT file
     - d/patches/ntfs-cve-fixes/fs-ntfs-Make-code-more-readable.patch
       fs/ntfs: Make code more readable
     - CVE-2023-4692
 .
   [ Julian Andres Klode ]
   * Bump SBAT to grub,4