1. Forum
  2. Usenet
  3. LINUX.DEBIAN.ANNOUNCE.SEC

  • [SECURITY] [DSA 5519-1] grub2 security update

    From Salvatore Bonaccorso@21:1/5 to All on Fri Oct 6 21:10:01 2023
    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA512

    - ------------------------------------------------------------------------- Debian Security Advisory DSA-5519-1 security@debian.org https://www.debian.org/security/ Salvatore Bonaccorso October 06, 2023 https://www.debian.org/security/faq
    - -------------------------------------------------------------------------

    Package : grub2
    CVE ID : CVE-2023-4692 CVE-2023-4693

    Maxim Suhanov discovered multiple vulnerabilities in GURB2's code to
    handle NTFS filesystems, which may result in a Secure Boot bypass.

    For the oldstable distribution (bullseye), these problems have been fixed
    in version 2.06-3~deb11u6.

    For the stable distribution (bookworm), these problems have been fixed in version 2.06-13+deb12u1.

    We recommend that you upgrade your grub2 packages.

    For the detailed security status of grub2 please refer to its security
    tracker page at:
    https://security-tracker.debian.org/tracker/grub2

    Further information about Debian Security Advisories, how to apply
    these updates to your system and frequently asked questions can be
    found at: https://www.debian.org/security/

    Mailing list: debian-security-announce@lists.debian.org
    -----BEGIN PGP SIGNATURE-----

    iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmUgWX5fFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND z0S1bxAAoIlLLu0nPXCGZRJydLVpVdkgkosdnlLxMR/oN2rTAWG6f1I2VatAPSKE rBtRSi32TSuLW3Ir6lY+O7Jk7ONKGGbh4CSD1EcFb1w7sylwHZY5mtpMfS7tCDc2 PAasJXSlMXlzRjO0pPCpazYHHmBYAap/JBVc89ZepwleegAoL1UoIaE+eCRliLS9 H00CWdIsnr7F22HNsN+SYyK0itHyqtgx6M1F5v7eXaGd5bPbN1mCTV8okBkCEU7h p14+sEQtrFLLPW1WyBzSEMPWtgrVcOgGy2wBqZRK5UoCUDBohCyjcZFig7ZQ6vuT YTbDMwxBeI6ycK8BpccD+8kZqzNKjjgUPlvu92FxflqYjg98GIa9rcBhETEbare5 RnwhQteYbr+Yn90hng5xvEXu7CC+7nKm+X4jzM2lHRGm56WCeE26+DQ0JB8J2yu+ donTd+vhgLfTgADb9V0nFJh0hecHqh5/n0Jhu5u/ImxhDzbcqlfijNAl42udQmeQ a2V6sBWJxabgJhEGeazEGuWHqpqXJk9dc8xuqWYYGmv4Fioi+2TVAI8lsnRbX4qp 0MU2hrOCHsnccV0VOvENV3dTzgRO5UqUI0xC88FLckz5JQUjh81dGvezuQ1NQNSE AWamwBka/lqyBTg7AMQEwsiximYYyO4DkSBslzMsNGi5pZCc8rk=
    =+IHG
    -----END PGP SIGNATURE-----

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)