Debian Package Tracker

From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
To: <debian-devel-changes@lists.debian.org>
Subject: Accepted grub2 2.12-2 (source) into unstable
Date: Fri, 05 Apr 2024 19:34:45 +0000
Signed by: Julian Andres Klode <jak@debian.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Fri, 05 Apr 2024 20:45:55 +0200
Source: grub2
Architecture: source
Version: 2.12-2
Distribution: unstable
Urgency: medium
Maintainer: GRUB Maintainers <pkg-grub-devel@alioth-lists.debian.net>
Changed-By: Julian Andres Klode <jak@debian.org>
Changes:
 grub2 (2.12-2) unstable; urgency=medium
 .
   [ Mate Kukri ]
   * Revert peimage to re-use GRUB's image handle (LP: #2057679) (LP: #2054127)
   * d/build-efi-images: Make sure downstream didn't remove peimage SBAT
     entry
   * SECURITY UPDATE: Use-after-free in peimage module [LP: #2054127]
     - CVE-2024-2312
 .
   [ Julian Andres Klode ]
   * Bump SBAT level to `grub.peimage,2`; and also bump `grub.debian,5` to
     make sure we can revoke any downstream users of peimage that forgot to
     include the grub.peimage component if that should become necessary.
Checksums-Sha1:
 d031e49f742966cd8573000662dca5a03390fd51 7382 grub2_2.12-2.dsc
 9ef29f0fe7b621dbf80fdc0522db50857ec2a6b4 1093592 grub2_2.12-2.debian.tar.xz
 e8b7510fc0171d1b32bf0425b8e12664eb6c5bcd 14088 grub2_2.12-2_source.buildinfo
Checksums-Sha256:
 4f2a361a0489c69bada56d71971fcaff69f2a238402d43a27772eb4b36be1128 7382 grub2_2.12-2.dsc
 d18abe39f859f9c53ef54963ba345b8d436511f61fada45355154908f29091e7 1093592 grub2_2.12-2.debian.tar.xz
 181e4dbf3e624c780c9813d1c276289e135dd643e460780bc943a3723ba743d8 14088 grub2_2.12-2_source.buildinfo
Files:
 4ef1402fcdf21f6534db5021a817f49c 7382 admin optional grub2_2.12-2.dsc
 2f2e004557ae483f73a6a8c7b26e71f5 1093592 admin optional grub2_2.12-2.debian.tar.xz
 f569af01676dddbaa3034225c45a701d 14088 admin optional grub2_2.12-2_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQJDBAEBCgAtFiEET7WIqEwt3nmnTHeHb6RY3R2wP3EFAmYQR+sPHGpha0BkZWJp
YW4ub3JnAAoJEG+kWN0dsD9xZD8QAI12jODGLVMixJ/zteAJnUHJVOeYLleDHkoK
T60ghfQ64kytk496g0nuV2vOydfCyCp0JumhaiGx/iZSYs9p6ScV7TUedSuLbG7v
OohvB+Rw/4F/exruxrWtV6WJybMfZeunHwcoBOvJeMNapOb0a8SGil39Z4sZrZLv
8Oupr8NNZG1dJ0JmyQKsG+MoOTXbmVdEPet+Duwg2aaBaBAbXLqKpJkhlatB8LbK
o9IsJco6kE2QhTqjbgnoYQ80YA8fa7tzxyvmImW4L1KY+Mixr8L9rnEr2pfEcX9o
S9K4ORREu9Akm/s4PKcUENiSmfgLg2RffmVqUly9rqSsIsntGZjSqs5XYyOkKMNp
1A1vpQ7At3r+FDlAUn+RlpwX/Ey0x2ajNZlWgvtSjwo9h35+8w6TUaJ+pCm1IOs/
Tqt6N+pqDlAAPQu/yUOACoQoC5OG6z5lXVqWtGr2SXWLNpzWrjdNVG8JHtiSG6uG
fyjtEig1dCp8HywSthaKKR3+rNUibHZVd4v2f5I6tRZxA/dKP3JCjXOts5nUwi8u
Np5bLbJnDOrMyBEavu1wZHGmvesH2ZekeEEvF31+jOxcGQhp449X94yBVBLwh2Br
ofW0km/Nyin52Nl8gIJN6NuR6wGwR0/KOR3H0DpDBd5YivZx/iaaQvz5Qum48itn
XkGWeGUr
=IdmV
-----END PGP SIGNATURE-----

News for package grub2