grub2 (2.12-1~bpo12+2) bookworm; urgency=medium * Non-maintainer upload. * patch: iofilter-add-zstd-decomp.patch support for zstd iofilter by Logan Gunthorpe * no alt-arch build -- Mark Pryor Fri, 17 Oct 2025 11:10:32 -0700 grub2 (2.12-1~bpo12+1) bookworm-backports; urgency=medium * Rebuild for bookworm-backports. -- John Goerzen Tue, 27 Feb 2024 20:25:36 -0600 grub2 (2.12-1) unstable; urgency=medium [ Mate Kukri ] * New upstream version, 2.12 * d/patches: Rebase on `upstream/2.12` and drop superseded patches: - Dropping patches now included upstream: + d/p/ntfs-cve-fixes/*: Fixes for NTFS OOB CVE + d/p/upstream/xfs-*: XFS parsing fixes + d/p/upstream/unmerged-usr-shebang.patch - Dropping patch replaced with configure option: + d/p/dejavu-font-path.patch * d/rules: Pass configure option '--enable-grub-themes' * d/rules: Provide Debian specific DejaVu path via configure * d/{control,rules}: Use default gcc version * d/p/extra_deps_lst.patch: Checkout "extra_deps.lst" from upstream/master * d/p/sb/revert-efi-fallback-to-legacy.patch: Also revert newer fallback patch [ Julian Andres Klode ] * Add Mate to Uploaders -- Mate Kukri Mon, 15 Jan 2024 09:54:55 +0000 grub2 (2.12~rc1-13) unstable; urgency=medium * No-change rebuild to retrigger signing following binNMU breakage -- Julian Andres Klode Fri, 12 Jan 2024 19:00:41 +0100 grub2 (2.12~rc1-12) unstable; urgency=medium [ Mate Kukri ] * Port UEFI based network stack to 2.12 (LP: #2039081) * efi: Correct image unloading behavior * Prevent the incorrect use of `UnloadImage()` by binaries loaded by peimage * efinet: HTTP_MESSAGE fix field size (LP: #2043084) [ Abe Wieland ] * Maintain administrator value for os-prober [ Julian Andres Klode ] * Cherry-pick upstream XFS directory extent parsing fixes (Closes: #1051543) (LP: #2039172) -- Julian Andres Klode Thu, 09 Nov 2023 14:13:44 +0200 grub2 (2.12~rc1-11) unstable; urgency=medium [ Mate Kukri ] * SECURITY UPDATE: Crafted file system images can cause out-of-bounds write and 
may leak sensitive information into the GRUB pager. - d/patches/ntfs-cve-fixes/fs-ntfs-Fix-an-OOB-read-when-parsing-a-volume- label.patch: fs/ntfs: Fix an OOB read when parsing a volume label - d/patches/ntfs-cve-fixes/fs-ntfs-Fix-an-OOB-read-when-parsing-bs-for- index-at.patch: fs/ntfs: Fix an OOB read when parsing bitmaps for index attributes - d/patches/ntfs-cve-fixes/fs-ntfs-Fix-an-OOB-read-when-parsing-dory- entries-fr.patch: fs/ntfs: Fix an OOB read when parsing directory entries from resident and non-resident index attributes - d/patches/ntfs-cve-fixes/fs-ntfs-Fix-an-OOB-read-when-reading-data-fhe- reside.patch: fs/ntfs: Fix an OOB read when reading data from the resident $DATA + attribute - CVE-2023-4693 * SECURITY UPDATE: Crafted file system images can cause heap-based buffer overflow and may allow arbitrary code execution and secure boot bypass. - d/patches/ntfs-cve-fixes/fs-ntfs-Fix-an-OOB-write-when-parsing-the- ATTRIBUTE_LIST-.patch: fs/ntfs: Fix an OOB write when parsing the $ATTRIBUTE_LIST attribute for the $MFT file - d/patches/ntfs-cve-fixes/fs-ntfs-Make-code-more-readable.patch fs/ntfs: Make code more readable - CVE-2023-4692 * efi: Cleanup peimage.c [ Julian Andres Klode ] * Bump SBAT to grub,4 -- Julian Andres Klode Mon, 02 Oct 2023 15:55:25 +0200 grub2 (2.12~rc1-10) unstable; urgency=medium [ Julian Andres Klode ] * Cherry pick fix for unmerged usr shebang (Closes: #1051251) * grub-common.dirs: Install empty /etc/default/grub.d (Closes: #1051412) [ Mate Kukri ] * efi: Eliminate globals from the `peimage.c` chainloader -- Julian Andres Klode Mon, 18 Sep 2023 12:23:29 +0200 grub2 (2.12~rc1-9) unstable; urgency=medium * Correct the Breaks to include the ~rc1 bit of the version -- Julian Andres Klode Tue, 05 Sep 2023 19:13:30 +0200 grub2 (2.12~rc1-8) unstable; urgency=medium * Have -bin packages Break pre-2.12 -signed packages. 
On insecurely booted systems, upgrading the -bin packages with the modules before the -signed packages caused the signed binaries to crash when loading additional modules. (Closes: #1051271) * Revert "In the signed packages, change the version dependency" This reverts commit 680bb22c3308b7ccd0a7eb7923c7d68067b626f9. The signed package needs the modules to be at the same version during boot on insecure systems or it may crash trying to load further modules. * Set Protected: yes for -signed packages so they cannot easily be removed. This ensures that the = depends in grub-efi-amd64-signed does not cause it to be removed when it is out of sync with src:grub2 -- Julian Andres Klode Tue, 05 Sep 2023 19:06:05 +0200 grub2 (2.12~rc1-7) unstable; urgency=medium * Upload to unstable -- Julian Andres Klode Mon, 04 Sep 2023 20:03:09 +0200 grub2 (2.12~rc1-6) experimental; urgency=medium * Use rm_conffile instead of remove-on-upgrade. This works with ftp-master's old lintian version and allows easy backports -- Julian Andres Klode Mon, 04 Sep 2023 16:57:55 +0200 grub2 (2.12~rc1-5) experimental; urgency=medium [ Felix Zielcke ] * Add salsa-ci.yml and disable blhc and reprotest pipelines. * remove on upgrades /etc/default/grub.d/init-select.cfg. 
(Closes: #1042707) [ Julian Andres Klode ] * peimage: Set file_path for loaded image (LP: #2030810, #2032294) * Hack up the lintian overrides for stable lintian on ftp-master -- Julian Andres Klode Mon, 04 Sep 2023 14:16:12 +0200 grub2 (2.12~rc1-4) experimental; urgency=medium [ Julian Andres Klode ] * Fix quiet boot feature * Drop fs-tester-time-fail.patch, upstream * postinst: look at /boot/grub/$target/core.efi to determine if we ran already * Cherry-pick additional Ubuntu patches - zstd-require-8-byte-buffer.patch: Fix for buffer size in zstd - recovery-dis_ucode_ldr.patch: Pass dis_ucode_ldr to kernel for recovery mode - hwmatch-only-on-grub-pc-platform.patch: Only call hwmatch on grub-pc (Closes: #990836) - fdt-add-debug-output-to-devicetree-command.patch: Debugging output for the devicetree command - fdt-device-tree-fixup-protocol.patch: Support for u-boot device tree fixup protocol - fat-fix-listing-the-root-directory.patch: Fix listing of files with 0 timestamps in FAT - efivar-check-that-efivarfs-is-writeable.patch: Do not hard error if we cannot write the EFI variables. Some implementations, like u-boot do not support writing them. * Only build peimage on supported architectures * debian/po: Refresh templates [ Felix Zielcke ] * Update mkconfig-ubuntu-recovery.patch to respect GRUB_CMDLINE_LINUX_RECOVERY from /etc/default/grub. (Closes: #766530, #922425) * Strip grub-emu binary. 
-- Julian Andres Klode Fri, 28 Jul 2023 14:54:14 +0200 grub2 (2.12~rc1-3) experimental; urgency=medium * Build peimage as a module and insert into signed images * peimage: Copy the image header and ensure it's not clobbered * Drop grub.cfg-400.patch, world-readable boot config violates several guidelines unfortunately * Drop mkconfig-other-inits.patch (alternative init boot options) * Order patches not used by Ubuntu last to simplify maintenance * Drop mkconfig-signed-kernel.patch, .signed kernels are no longer used -- Julian Andres Klode Tue, 25 Jul 2023 16:44:12 +0200 grub2 (2.12~rc1-2) experimental; urgency=medium [ Julian Andres Klode ] * Build-Depend on libsdl2-dev instead of libsdl1.2-dev (Closes: #1038035) * Link peimage into arm_efi target, fixes armhf/armel FTBFS * peimage: Add chainloader support [ Heinrich Schuchardt ] * Enable building for RISC-V (LP: #1876620) (Closes: #995718) -- Julian Andres Klode Fri, 21 Jul 2023 18:02:28 +0200 grub2 (2.12~rc1-1) experimental; urgency=medium [ Julian Andres Klode ] * New upstream version, 2.12~rc1 * build-efi-images: Drop linuxefi, using new loaders now * Do not try to install gmodule.pl, it was rewritten in Python * Rebase patches - Temporarily drop -dpkg-version-comparison.patch, needs to be adjusted for switch from comparison to sort -V - Drop -linuxefi.patch, fix-lockdown.patch, arm64-handover-to-kernel-if-sb-enabled.patch; we will be using the upstream loader now, with an additional compat layer for shim tbd - Apply new network patch set from mailing list (no additional patches yet) - Drop ton of patches applied upstream * Implement an alternative approach to secure boot, using the upstream EFI loader, and temporarily emulating load_image() and friends using Ubuntu's peimage file while a image protocol is being added to shim. 
* Build-Depend on gawk, it fails to compile with mawk * Fix lzo test and xfail tests requiring root * Fix lintian overrides * Add grub,debian13,1 and grub.peimage,1 SBAT levels, this allows individually revoking the parts affecting only trixie or the new shared peimage loader. [ Dimitri John Ledkov ] * Include fdt modules in arm64 EFI images, tpm in all archs (LP: #2008950) -- Julian Andres Klode Wed, 19 Jul 2023 19:21:17 +0200 grub2 (2.06-14) experimental; urgency=medium [ Julian Andres Klode ] * "Upstreaming" Ubuntu changes, part 1. * Fixup filename for debian/patches/gcc12_build_dangling_pointer.patch * Disable os-prober for ppc64el on the PowerNV platform (for Petitboot) * Build with FUSE3 (LP: #1935659) * build-efi-images: Add http to netboot images * Bundle unicode.pf2 in a squashfs memdisk attached to the signed EFI binary * Automatic patch queue rebase [ Dimitri John Ledkov ] * minilzo: built using the distribution's minilzo * dirs.in: create var/lib/grub/ucf in grub-efi-amd64 (and similar) * grub-common.service: port init.d script to systemd unit. Add warning message, when initrdless boot fails triggering fallback. LP: #1901553 * Make prebuilt netboot image look for grub.cfg-$deb_arch * Link grub-efi-{amd64,arm64}-bin docs directory [ Jeffery To ] * Add hibernation resumption support to grub-common.service -- Julian Andres Klode Mon, 19 Jun 2023 17:26:49 +0200 grub2 (2.06-13) unstable; urgency=medium [ Steve McIntyre ] * When *also* installing to the removable media path, include the relevant mokmanager binary. Closes: #1034409 [ General Chaos ] * Allow initrd to contain spaces. Closes: #838177, #820838. [ Translators ] * Update lots of translations of debconf templates, thanks to the following: + Welsh (Dafydd Tomos) + German (Helge Kreutzmann). Closes: #1034850 + Croatian (Tomislav Krznar) + Greek (Emmanuel Galatoulas) + Esperanto (Felipe Castro) + French (Baptiste Jammet). Closes: #1035761 + Italian (Luca Monducci). 
Closes: #1034825 + Kazakh (Baurzhan Muftakhidinov) + Korean (Changwoo Ryu). Closes: #1034868 + Latvian (Rudolfs Mazurs) + Dutch (Frans Spiesschaert). Closes: #1035399 + Norwegian Bokmål (Petter Reinholdtsen, Sverre Vaabenoe) + Brazilian Portuguese (Adriano Rafael Gomes). Closes: #1035905 + Romanian (Remus-Gabriel Chelu) + Russian (Yuri Kozlov). Closes: #1035294 + Turkish (Atila KOÇ). Closes: #1035846 + Swedish (Luna Jernberg) -- Steve McIntyre <93sam@debian.org> Sun, 23 Apr 2023 20:55:54 +0100 grub2 (2.06-12) unstable; urgency=medium * Fix up arm64 SB patch to fix build failure on 32-bit arm systems -- Steve McIntyre <93sam@debian.org> Fri, 21 Apr 2023 13:30:26 +0100 grub2 (2.06-11) unstable; urgency=medium * And try again... :-/ -- Steve McIntyre <93sam@debian.org> Fri, 21 Apr 2023 01:50:26 +0100 grub2 (2.06-10) unstable; urgency=medium * Fix 32-bit build with the osdep/devmapper/getroot patches. -- Steve McIntyre <93sam@debian.org> Fri, 21 Apr 2023 01:14:13 +0100 grub2 (2.06-9) unstable; urgency=medium [ Steve McIntyre ] * postinst: make config_item() more robust * Add debconf logic for GRUB_DISABLE_OS_PROBER to make it easier to control things here. Particularly useful for the installer. Closes: #1031594, #1012865, #1025698. * Add luks2 to the signed grub efi images. Closes: #1001248 [ Ben Hutchings ] * Fix probing of LUKS2 devices (Closes: #1028301): - disk/cryptodisk: When cheatmounting, use the sector info of the cheat device - osdep/devmapper/getroot: Have devmapper recognize LUKS2 - osdep/devmapper/getroot: Set up cheated LUKS2 cryptodisk mount from DM parameters [ Emanuele Rocca ] * Add arm64-handover-to-kernel-if-sb-enabled.patch to fix Secure Boot on arm64 (Closes: #1033657) [ Mattia Rizzolo ] * Don't warn about os-prober if it's not installed. Closes: #1020769 -- Steve McIntyre <93sam@debian.org> Thu, 20 Apr 2023 20:35:11 +0100 grub2 (2.06-8.1) experimental; urgency=medium * Non-maintainer upload. 
* Fix an issue where a logical volume rename would lead grub to fail to boot (Closes: #987008) -- Antoine Beaupré Sat, 25 Feb 2023 15:16:55 -0500 grub2 (2.06-8) unstable; urgency=medium [ Steve McIntyre ] * Fix an issue in an f2fs security fix which caused mount failures. Closes: #1021846. Thanks to программист некто for helping to debug the problem! * Switch build-deps from gcc-10 to gcc-12. Closes: #1022184 * Include upstream patch to enable EFI zboot support on arm64. Closes: #1026092 * grub-mkconfig: Restore umask for the grub.cfg. CVE-2021-3981 Closes: #1001414 * postinst: be more verbose when using grub-install to install onto devices. * /etc/default/grub: Fix comment about text-mode console. Fixes #845683 * grub-install: Don't install the shim fallback program when called with --removable. Closes: #1016737 * grub-install: Don't use our grub CD EFI image for --removable. Closes: #1026915. Thanks to Pascal Hambourg for the patch. * Ignore some new ext2 flags to stay compatible with latest mke2fs defaults. Closes: #1030846 [ Colin Watson ] * Remove myself from Uploaders. -- Steve McIntyre <93sam@debian.org> Thu, 09 Feb 2023 01:09:00 +0000 grub2 (2.06-7) unstable; urgency=medium [ Steve McIntyre ] * Fix bug in core file code so errors are handled better. This makes the fallback font-handling patch work properly. Closes: #1025469, #1025477. -- Steve McIntyre <93sam@debian.org> Tue, 06 Dec 2022 03:14:53 +0000 grub2 (2.06-6) unstable; urgency=medium [ Steve McIntyre ] * Include fonts in the memdisk build for EFI images. Closes: #1024395, #1025352, #1024447 * Bump Debian SBAT level to 4 - Due to a mistake in the buster upload (2.06-3~deb10u2) that left the CVE-2022-2601 bugs in place, we need to bump SBAT for all of the Debian GRUB binaries. 
:-( * Switch away from git-dpm -- Steve McIntyre <93sam@debian.org> Sun, 04 Dec 2022 20:42:23 +0000 grub2 (2.06-5) unstable; urgency=high [ Steve McIntyre ] * Explicitly unset SOURCE_DATE_EPOCH before running fs tests * Pull in upstream patches to harden font and image handling - CVE-2022-2601, CVE-2022-3775. * Bump SBAT level to 3 for grub-efi packages -- Steve McIntyre <93sam@debian.org> Sun, 13 Nov 2022 00:33:35 +0000 grub2 (2.06-4) unstable; urgency=high [ Steve McIntyre ] * Updated the 2.06-3 changelog to mention closure of CVE-2022-28736 * Add a commented-out GRUB_DISABLE_OS_PROBER section to /etc/default/grub to make it easier for users to turn os-prober back on if they want it. Closes: #1013797, #1009336 * Add smbios to the signed grub efi images. Closes: #1008106 * Add serial to the signed grub efi images. Closes: #1013962 * grub2-common: Remove dependency on install-info, it's apparently not needed. Closes: #1013698 * Don't strip Xen binaries so they work again. Closes: #1017944. Thanks to Valentin Kleibel for the patch. -- Steve McIntyre <93sam@debian.org> Wed, 14 Sep 2022 22:35:49 +0100 grub2 (2.06-3) unstable; urgency=medium [ Colin Watson ] * Update a few leftover uses of "which" to use "command -v" instead. * Remove some old Lintian overrides. * Trim trailing whitespace. * debian/copyright: use spaces rather than tabs to start continuation lines. * Add missing ${misc:Depends} to Depends for grub-efi-ia32-signed-template, grub-efi-amd64-signed-template, grub-efi-arm64-signed-template. * Bump debhelper from old 10 to 13. * Set upstream metadata fields: Bug-Submit (from ./configure), Repository, Repository-Browse. * Drop now-unnecessary sparc PIE workaround from debian/rules (thanks, John Paul Adrian Glaubitz; closes: #952815). [ Debconf translations ] * [id] Indonesian (Andika Triwidada; closes: #1007706). 
[ Julian Andres Klode ] * Add Julian Andres Klode to uploaders * Disable building with LTO, as used in Ubuntu and possibly other downstreams (maybe Debian one day), as that breaks the build. * SECURITY UPDATE: Crafted PNG grayscale images may lead to out-of-bounds write in heap. - 0070-video-readers-png-Drop-greyscale-support-to-fix-heap.patch: video/readers/png: Drop greyscale support to fix heap out-of-bounds write - CVE-2021-3695 * SECURITY UPDATE: Crafted PNG image may lead to out-of-bound write during huffman table handling. - 0071-video-readers-png-Avoid-heap-OOB-R-W-inserting-huff-.patch: video/readers/png: Avoid heap OOB R/W inserting huff table items - CVE-2021-3696 * SECURITY UPDATE: Crafted JPEG image can lead to buffer underflow write in the heap. - 0076-video-readers-jpeg-Block-int-underflow-wild-pointer-.patch: video/readers/jpeg: Block int underflow -> wild pointer write - CVE-2021-3697 * SECURITY UPDATE: Integer underflow in grub_net_recv_ip4_packets - 0079-net-ip-Do-IP-fragment-maths-safely.patch: net/ip: Do IP fragment maths safely - CVE-2022-28733 * SECURITY UPDATE: Out-of-bounds write when handling split HTTP headers - 0085-net-http-Fix-OOB-write-for-split-http-headers.patch: net/http: Fix OOB write for split http headers - CVE-2022-28734 * SECURITY UPDATE: shim_lock verifier allows non-kernel files to be loaded - 0066-kern-efi-sb-Reject-non-kernel-files-in-the-shim_lock.patch: kern/efi/sb: Reject non-kernel files in the shim_lock verifier - CVE-2022-28735 - Closes: #1001057 * SECURITY UPDATE: use-after-free in grub_cmd_chainloader() - 0063-loader-efi-chainloader-Simplify-the-loader-state.patch: loader/efi/chainloader: simplify the loader state - 0064-commands-boot-Add-API-to-pass-context-to-loader.patch: commands/boot: Add API to pass context to loader - 0065-loader-efi-chainloader-Use-grub_loader_set_ex.patch: loader/efi/chainloader: Use grub_loader_set_ex - 0066-loader-i386-efi-linux-Use-grub_loader_set_ex.patch: loader/i386/efi/linux: Use 
grub_loader_set_ex - CVE-2022-28736 * Various fixes as a result of fuzzing and static analysis: - 0067-kern-file-Do-not-leak-device_name-on-error-in-grub_f.patch: kern/file: Do not leak device_name on error in grub_file_open() - 0068-video-readers-png-Abort-sooner-if-a-read-operation-f.patch: video/readers/png: Abort sooner if a read operation fails - 0069-video-readers-png-Refuse-to-handle-multiple-image-he.patch: video/readers/png: Refuse to handle multiple image headers - 0072-video-readers-png-Sanity-check-some-huffman-codes.patch: video/readers/png: Sanity check some huffman codes - 0073-video-readers-jpeg-Abort-sooner-if-a-read-operation-.patch: video/readers/jpeg: Abort sooner if a read operation fails - 0074-video-readers-jpeg-Do-not-reallocate-a-given-huff-ta.patch: video/readers/jpeg: Do not reallocate a given huff table - 0075-video-readers-jpeg-Refuse-to-handle-multiple-start-o.patch: video/readers/jpeg: Refuse to handle multiple start of streams - 0077-normal-charset-Fix-array-out-of-bounds-formatting-un.patch: normal/charset: Fix array out-of-bounds formatting unicode for display - 0078-net-netbuff-Block-overly-large-netbuff-allocs.patch: net/netbuff: Block overly large netbuff allocs - 0080-net-dns-Fix-double-free-addresses-on-corrupt-DNS-res.patch: net/dns: Fix double-free addresses on corrupt DNS response - 0081-net-dns-Don-t-read-past-the-end-of-the-string-we-re-.patch: net/dns: Don't read past the end of the string we're checking against - 0082-net-tftp-Prevent-a-UAF-and-double-free-from-a-failed.patch: net/tftp: Prevent a UAF and double-free from a failed seek - 0083-net-tftp-Avoid-a-trivial-UAF.patch: net/tftp: Avoid a trivial UAF - 0084-net-http-Do-not-tear-down-socket-if-it-s-already-bee.patch: net/http: Do not tear down socket if it's already been torn down - 0086-net-http-Error-out-on-headers-with-LF-without-CR.patch: net/http: Error out on headers with LF without CR - 0087-fs-f2fs-Do-not-read-past-the-end-of-nat-journal-entr.patch: 
fs/f2fs: Do not read past the end of nat journal entries - 0088-fs-f2fs-Do-not-read-past-the-end-of-nat-bitmap.patch: fs/f2fs: Do not read past the end of nat bitmap - 0089-fs-f2fs-Do-not-copy-file-names-that-are-too-long.patch: fs/f2fs: Do not copy file names that are too long - 0090-fs-btrfs-Fix-several-fuzz-issues-with-invalid-dir-it.patch: fs/btrfs: Fix several fuzz issues with invalid dir item sizing - 0091-fs-btrfs-Fix-more-ASAN-and-SEGV-issues-found-with-fu.patch: fs/btrfs: Fix more ASAN and SEGV issues found with fuzzing - 0092-fs-btrfs-Fix-more-fuzz-issues-related-to-chunks.patch: fs/btrfs: Fix more fuzz issues related to chunks * Bump SBAT generation: - update debian/sbat.debian.csv.in -- Julian Andres Klode Fri, 10 Jun 2022 11:15:11 +0200 grub2 (2.06-2) unstable; urgency=medium * Update to minilzo-2.10, fixing build failures on armel, mips64el, mipsel, and ppc64el. -- Colin Watson Mon, 29 Nov 2021 00:10:09 +0000 grub2 (2.06-1) unstable; urgency=medium * Use "command -v" in maintainer scripts rather than "which". * New upstream release. - Switch to the upstream shim_lock verifier, dropping several more manual checks for UEFI Secure Boot. * Cherry-pick from upstream: - fs/xfs: Fix unreadable filesystem with v4 superblock - tests/ahci: Change "ide-drive" deprecated QEMU device name to "ide-hd" (closes: #997100) * Remove dir_to_symlink maintainer script code, which was only needed for upgrades from before jessie. -- Colin Watson Sun, 28 Nov 2021 13:30:32 +0000 grub2 (2.04-20) unstable; urgency=medium [ Mathieu Trudel-Lapierre ] * tpm: Pass unknown error as non-fatal, but debug print the error we got (closes: #940911, LP: #1848892). -- Colin Watson Sun, 11 Jul 2021 00:37:36 +0100 grub2 (2.04-19) unstable; urgency=medium * Resync grub-install backup and restore patches from upstream, fixing problems that left the system unbootable after certain kinds of failure (closes: #983435). 
-- Colin Watson Sat, 19 Jun 2021 13:04:38 +0100 grub2 (2.04-18) unstable; urgency=medium [ Steve McIntyre ] * Enable the shim_lock and tpm modules for i386-efi too. Ensure that tpm is included in our EFI images. * List the modules we include the EFI images - make it easier to debug things. * Add debug to display what's going on with verifiers [ Colin Watson ] * util/mkimage: Some fixes to PE binaries section size calculation (closes: #987103). -- Colin Watson Sun, 25 Apr 2021 16:20:17 +0100 grub2 (2.04-17) unstable; urgency=medium * Pass --sbat when building the d-i netboot image as well. * i386-pc: build verifiers API as module (thanks, Michael Chang; closes: #984488, #985374). -- Colin Watson Fri, 19 Mar 2021 10:41:41 +0000 grub2 (2.04-16) unstable; urgency=medium * Fix broken advice in message when the postinst has to bail out (thanks to Daniel Leidert for pointing out the problem). * Backport security patch series from upstream: - verifiers: Move verifiers API to kernel image - kern: Add lockdown support - kern/lockdown: Set a variable if the GRUB is locked down - efi: Lockdown the GRUB when the UEFI Secure Boot is enabled - efi: Use grub_is_lockdown() instead of hardcoding a disabled modules list - CVE-2020-14372: acpi: Don't register the acpi command when locked down - CVE-2020-27779: mmap: Don't register cutmem and badram commands when lockdown is enforced - commands: Restrict commands that can load BIOS or DT blobs when locked down - commands/setpci: Restrict setpci command when locked down - commands/hdparm: Restrict hdparm command when locked down - gdb: Restrict GDB access when locked down - loader/xnu: Don't allow loading extension and packages when locked down - docs: Document the cutmem command - CVE-2020-25632: dl: Only allow unloading modules that are not dependencies - CVE-2020-25647: usb: Avoid possible out-of-bound accesses caused by malicious devices - mmap: Fix memory leak when iterating over mapped memory - net/net: Fix possible dereference to 
of a NULL pointer - net/tftp: Fix dangling memory pointer - kern/parser: Fix resource leak if argc == 0 - kern/efi: Fix memory leak on failure - kern/efi/mm: Fix possible NULL pointer dereference - gnulib/regexec: Resolve unused variable - gnulib/regcomp: Fix uninitialized token structure - gnulib/argp-help: Fix dereference of a possibly NULL state - gnulib/regexec: Fix possible null-dereference - gnulib/regcomp: Fix uninitialized re_token - io/lzopio: Resolve unnecessary self-assignment errors - zstd: Initialize seq_t structure fully - kern/partition: Check for NULL before dereferencing input string - disk/ldm: Make sure comp data is freed before exiting from make_vg() - disk/ldm: If failed then free vg variable too - disk/ldm: Fix memory leak on uninserted lv references - disk/cryptodisk: Fix potential integer overflow - hfsplus: Check that the volume name length is valid - zfs: Fix possible negative shift operation - zfs: Fix resource leaks while constructing path - zfs: Fix possible integer overflows - zfsinfo: Correct a check for error allocating memory - affs: Fix memory leaks - libgcrypt/mpi: Fix possible unintended sign extension - libgcrypt/mpi: Fix possible NULL dereference - syslinux: Fix memory leak while parsing - normal/completion: Fix leaking of memory when processing a completion - commands/hashsum: Fix a memory leak - video/efi_gop: Remove unnecessary return value of grub_video_gop_fill_mode_info() - video/fb/fbfill: Fix potential integer overflow - video/fb/video_fb: Fix multiple integer overflows - video/fb/video_fb: Fix possible integer overflow - video/readers/jpeg: Test for an invalid next marker reference from a jpeg file - gfxmenu/gui_list: Remove code that coverity is flagging as dead - loader/bsd: Check for NULL arg up-front - loader/xnu: Fix memory leak - loader/xnu: Free driverkey data when an error is detected in grub_xnu_writetree_toheap() - loader/xnu: Check if pointer is NULL before using it - util/grub-install: Fix NULL pointer 
dereferences - util/grub-editenv: Fix incorrect casting of a signed value - util/glue-efi: Fix incorrect use of a possibly negative value - script/execute: Fix NULL dereference in grub_script_execute_cmdline() - commands/ls: Require device_name is not NULL before printing - script/execute: Avoid crash when using "$#" outside a function scope - CVE-2021-20225: lib/arg: Block repeated short options that require an argument - script/execute: Don't crash on a "for" loop with no items - CVE-2021-20233: commands/menuentry: Fix quoting in setparams_prefix() - kern/misc: Always set *end in grub_strtoull() - video/readers/jpeg: Catch files with unsupported quantization or Huffman tables - video/readers/jpeg: Catch OOB reads/writes in grub_jpeg_decode_du() - video/readers/jpeg: Don't decode data before start of stream - term/gfxterm: Don't set up a font with glyphs that are too big - fs/fshelp: Catch impermissibly large block sizes in read helper - fs/hfsplus: Don't fetch a key beyond the end of the node - fs/hfsplus: Don't use uninitialized data on corrupt filesystems - fs/hfs: Disable under lockdown - fs/sfs: Fix over-read of root object name - fs/jfs: Do not move to leaf level if name length is negative - fs/jfs: Limit the extents that getblk() can consider - fs/jfs: Catch infinite recursion - fs/nilfs2: Reject too-large keys - fs/nilfs2: Don't search children if provided number is too large - fs/nilfs2: Properly bail on errors in grub_nilfs2_btree_node_lookup() - io/gzio: Bail if gzio->tl/td is NULL - io/gzio: Add init_dynamic_block() clean up if unpacking codes fails - io/gzio: Catch missing values in huft_build() and bail - io/gzio: Zero gzio->tl/td in init_dynamic_block() if huft_build() fails - disk/lvm: Don't go beyond the end of the data we read from disk - disk/lvm: Don't blast past the end of the circular metadata buffer - disk/lvm: Bail on missing PV list - disk/lvm: Do not crash if an expected string is not found - disk/lvm: Do not overread metadata - disk/lvm: 
Sanitize rlocn->offset to prevent wild read - disk/lvm: Do not allow a LV to be it's own segment's node's LV - fs/btrfs: Validate the number of stripes/parities in RAID5/6 - fs/btrfs: Squash some uninitialized reads - kern/parser: Fix a memory leak - kern/parser: Introduce process_char() helper - kern/parser: Introduce terminate_arg() helper - kern/parser: Refactor grub_parser_split_cmdline() cleanup - kern/buffer: Add variable sized heap buffer - CVE-2020-27749: kern/parser: Fix a stack buffer overflow - kern/efi: Add initial stack protector implementation - util/mkimage: Remove unused code to add BSS section - util/mkimage: Use grub_host_to_target32() instead of grub_cpu_to_le32() - util/mkimage: Always use grub_host_to_target32() to initialize PE stack and heap stuff - util/mkimage: Unify more of the PE32 and PE32+ header set-up - util/mkimage: Reorder PE optional header fields set-up - util/mkimage: Improve data_size value calculation - util/mkimage: Refactor section setup to use a helper - util/mkimage: Add an option to import SBAT metadata into a .sbat section - grub-install-common: Add --sbat option - kern/misc: Split parse_printf_args() into format parsing and va_list handling - kern/misc: Add STRING type for internal printf() format handling - kern/misc: Add function to check printf() format against expected format - gfxmenu/gui: Check printf() format in the gui_progress_bar and gui_label - kern/mm: Fix grub_debug_calloc() compilation error * Add SBAT section (thanks, Chris Coulson). -- Colin Watson Tue, 02 Mar 2021 18:00:00 +0000 grub2 (2.04-15) unstable; urgency=medium * Demote grub-common → mtools dependency to Suggests, to go with xorriso; explain the situation in the package description (closes: #982313). -- Colin Watson Mon, 08 Feb 2021 21:39:24 +0000 grub2 (2.04-14) unstable; urgency=medium [ Raphaël Hertzog ] * Extend grub-efi to also cover arm64/ia64/arm (closes: #981819). 
  [ Colin Watson ]
  * Cherry-pick from upstream:
    - grub-install: Fix inverted test for NLS enabled when copying locales
      (closes: #979754).
  * Fix handling of trailing commas in grub-pc/install_devices
    (closes: #913928).
  * Make grub-firmware-qemu Recommend/Enhance qemu-system-x86, not qemu
    (closes: #966243).
  * Make grub-common depend on mtools on EFI platforms, for grub-mkrescue
    (closes: #774910).

 -- Colin Watson  Sun, 07 Feb 2021 15:23:51 +0000

grub2 (2.04-13) unstable; urgency=medium

  [ Steve McIntyre ]
  * Switch to using the efivarfs interface for detecting "system setup"
    (Closes: #979299)

 -- Colin Watson  Sat, 06 Feb 2021 17:30:38 +0000

grub2 (2.04-12) unstable; urgency=medium

  * Cherry-pick from upstream:
    - mdraid1x_linux: Fix gcc10 error -Werror=array-bounds
    - zfs: Fix gcc10 error -Werror=zero-length-bounds
  * Build with GCC 10 (closes: #978515).

 -- Colin Watson  Mon, 28 Dec 2020 22:33:23 +0000

grub2 (2.04-11) unstable; urgency=medium

  * grub-install: Fix backup restoration on i386 (closes: #976671).

 -- Colin Watson  Sun, 06 Dec 2020 18:29:51 +0000

grub2 (2.04-10) unstable; urgency=medium

  [ Ian Campbell ]
  * Remove myself from uploaders.

  [ Colin Watson ]
  * When upgrading grub-pc noninteractively, bail out if grub-install fails.
    It's better to fail the upgrade than to produce a possibly-unbootable
    system.
  * Explicitly check whether the target device exists before running
    grub-install, since grub-install copies modules to /boot/grub/ before
    installing the core image, and the new modules might be incompatible
    with the old core image (closes: #966575).
  * Cherry-pick from upstream:
    - tftp: Roll-over block counter to prevent data packets timeouts
      (LP: #1892290).

  [ Dimitri John Ledkov ]
  * grub-install: Add backup and restore.
  * Don't call grub-install on fresh install of grub-pc. It's the job of
    installers to do that after a fresh install.

 -- Colin Watson  Sun, 08 Nov 2020 16:26:08 +0000

grub2 (2.04-9) unstable; urgency=high

  * Backport security patch series from upstream:
    - CVE-2020-10713: yylex: Make lexer fatal errors actually be fatal
    - safemath: Add some arithmetic primitives that check for overflow
    - calloc: Make sure we always have an overflow-checking calloc()
      available
    - CVE-2020-14308: calloc: Use calloc() at most places
    - CVE-2020-14309, CVE-2020-14310, CVE-2020-14311: malloc: Use overflow
      checking primitives where we do complex allocations
    - iso9660: Don't leak memory on realloc() failures
    - font: Do not load more than one NAME section
    - gfxmenu: Fix double free in load_image()
    - xnu: Fix double free in grub_xnu_devprop_add_property()
    - lzma: Make sure we don't dereference past array
    - term: Fix overflow on user inputs
    - udf: Fix memory leak
    - multiboot2: Fix memory leak if grub_create_loader_cmdline() fails
    - tftp: Do not use priority queue
    - relocator: Protect grub_relocator_alloc_chunk_addr() input args
      against integer underflow/overflow
    - relocator: Protect grub_relocator_alloc_chunk_align() max_addr
      against integer underflow
    - script: Remove unused fields from grub_script_function struct
    - CVE-2020-15706: script: Avoid a use-after-free when redefining a
      function during execution
    - relocator: Fix grub_relocator_alloc_chunk_align() top memory
      allocation
    - hfsplus: fix two more overflows
    - lvm: fix two more potential data-dependent alloc overflows
    - emu: make grub_free(NULL) safe
    - efi: fix some malformed device path arithmetic errors
    - Fix a regression caused by "efi: fix some malformed device path
      arithmetic errors"
    - update safemath with fallback code for gcc older than 5.1
    - efi: Fix use-after-free in halt/reboot path
    - linux loader: avoid overflow on initrd size calculation
  * CVE-2020-15707: linux: Fix integer overflows in initrd size handling
  * Apply overflow checking to allocations in Debian patches:
    - bootp: Fix integer overflow in parse_dhcp6_option
    - unix/config: Fix integer overflow in grub_util_load_config
    - deviceiter: Fix integer overflow in grub_util_iterate_devices

 -- Colin Watson  Wed, 29 Jul 2020 17:58:37 +0100

grub2 (2.04-8) unstable; urgency=medium

  [ Vincent Lefevre ]
  * Fix typos in /etc/grub.d/05_debian_theme. Closes: #959484

  [ Fabian Greffrath ]
  * Change font dependency to fonts-dejavu-core. Closes: #912846

  [ Colin Watson ]
  * Cherry-pick from upstream:
    - templates/20_linux_xen: Ignore xenpolicy and config files too.
    - templates/20_linux_xen: Support Xen Security Modules (XSM/FLASK).

  [ Ian Jackson ]
  * 20_linux_xen: Do not load XSM policy in non-XSM options
    (closes: #961673).

 -- Colin Watson  Sun, 07 Jun 2020 10:06:37 +0100

grub2 (2.04-7) unstable; urgency=medium

  [ Christian Göttsche ]
  * Create grub default configuration with default SELinux context.

  [ Steve McIntyre ]
  * In the signed packages, change the version dependency on grub-common to
    be >= and not =. This will allow for installation in unstable to still
    work in the window while we wait for the template package to do its
    second trip through the archive.
  * Tweak the build-dep architecture listing for libefiboot-dev and
    libefivar-dev. The linux-* wildcards don't work in the way expected,
    and were missing out (at least) armhf and armel. Closes: #958461

 -- Colin Watson  Wed, 22 Apr 2020 14:52:13 +0100

grub2 (2.04-6) unstable; urgency=medium

  [ Romain Perier ]
  * Add f2fs module to signed UEFI images

  [ Steve McIntyre ]
  * Add jfs module to signed UEFI images. Closes: #950959

  [ Colin Watson ]
  * Drop mkconfig-mid-upgrade.patch; it was only needed for upgrades from
    GRUB 1.99 (now a long time ago) and can inappropriately hide problems
    when /etc/grub.d/00_header should have been updated but wasn't
    (closes: #953201).
  * Cherry-pick from upstream:
    - btrfs: Add support for new RAID1C34 profiles (closes: #958236).

 -- Colin Watson  Mon, 20 Apr 2020 01:03:08 +0100

grub2 (2.04-5) unstable; urgency=medium

  * Cherry-pick from upstream:
    - verifiers: Blocklist fallout cleanup (this was one cause of a build
      failure on hurd-i386, though may not be the only one).
  * Only recommend grub-efi-*-signed on the architectures where they exist.

 -- Colin Watson  Mon, 16 Dec 2019 15:48:45 +0000

grub2 (2.04-4) unstable; urgency=medium

  [ Thomas Gaugler ]
  * Add leading / to prefix of network boot image for d-i.

  [ Martin von Wittich ]
  * upgrade-from-grub-legacy: Set DPKG_MAINTSCRIPT_NAME and
    DPKG_MAINTSCRIPT_PACKAGE when calling grub-pc.postinst manually
    (closes: #943387).

  [ Colin Watson ]
  * Use policy-compliant architecture wildcards in libefiboot-dev and
    libefivar-dev build-dependencies.
  * Build with GCC 9 (closes: #944166).

 -- Colin Watson  Fri, 08 Nov 2019 10:58:30 +0000

grub2 (2.04-3) unstable; urgency=medium

  * Apply patch from James Clarke to fix BIOS Boot Partition support on
    sparc64 (closes: #931969).
  * Fix UEFI installation for Devuan (thanks, Ivan J.; closes: #932966).
  * Add probe module to signed UEFI images (closes: #936082).

 -- Colin Watson  Fri, 30 Aug 2019 13:50:41 +0100

grub2 (2.04-2) unstable; urgency=medium

  [ James Clarke ]
  * Only Build-Depend on libefiboot-dev and libefivar-dev on Linux
    architectures, since they're Linux-only.

  [ Colin Watson ]
  * Use debhelper-compat instead of debian/compat.
  * debian/apport/source_grub2.py:
    - Avoid star import.
    - Fix flake8 errors.
  * Run gentpl.py with python3.

 -- Colin Watson  Sat, 03 Aug 2019 13:42:49 +0100

grub2 (2.04-1) unstable; urgency=medium

  * New upstream release.
  * debian/upstream/signing-key.asc: Add signing key of new upstream
    maintainer (Daniel Kiper).

 -- Colin Watson  Tue, 09 Jul 2019 11:48:01 +0100

# Older entries have been removed from this changelog.
# To read the complete changelog use `apt changelog grub-common`.
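The 2.04-9 entry above backports the upstream series that introduced overflow-checking arithmetic primitives (safemath), an overflow-checking calloc(), and fixes for integer overflows in initrd size handling (CVE-2020-15707). The following is an added illustration of that class of fix, written for this page; it is not GRUB's own code. The helper names (checked_mul, checked_add, safe_calloc, initrd_total_size), the 4-byte alignment constant and the sample sizes are assumptions chosen to show the pattern, and the checks use the GCC/clang __builtin_*_overflow builtins rather than GRUB's grub_mul()/grub_add() macros.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Overflow-checking primitives in the spirit of safemath. Names are assumed
 * for this example; they return nonzero on overflow and store the result
 * in *out otherwise. Requires GCC >= 5.1 or clang for the builtins. */
static int checked_mul(size_t a, size_t b, size_t *out)
{
    return __builtin_mul_overflow(a, b, out);
}

static int checked_add(size_t a, size_t b, size_t *out)
{
    return __builtin_add_overflow(a, b, out);
}

/* The pre-fix pattern: an allocation size computed with plain arithmetic.
 * Returns the byte count malloc() would be asked for, which wraps silently
 * when nmemb * size exceeds SIZE_MAX. */
size_t unsafe_alloc_size(size_t nmemb, size_t size)
{
    return nmemb * size;
}

/* Overflow-checking calloc() in the style of the backported
 * "calloc: Make sure we always have an overflow-checking calloc()" change.
 * Returns NULL instead of a too-small buffer when the product overflows. */
void *safe_calloc(size_t nmemb, size_t size)
{
    size_t total;

    if (checked_mul(nmemb, size, &total))
        return NULL;
    void *p = malloc(total ? total : 1);
    if (p)
        memset(p, 0, total);
    return p;
}

/* Models the initrd size computation: the total is the sum of each file's
 * size rounded up to a (here assumed) 4-byte boundary. Every step is
 * checked, so a crafted size near SIZE_MAX cannot wrap the total into a
 * small allocation. Returns 0 on success, -1 on overflow. */
int initrd_total_size(const size_t *files, size_t n, size_t *total)
{
    size_t sum = 0;

    for (size_t i = 0; i < n; i++) {
        size_t padded;

        if (checked_add(files[i], 3, &padded))
            return -1;
        padded &= ~(size_t)3;
        if (checked_add(sum, padded, &sum))
            return -1;
    }
    *total = sum;
    return 0;
}

int main(void)
{
    /* Constructed inputs: a count whose product with 2 wraps to exactly 0. */
    size_t huge = SIZE_MAX / 2 + 1;
    size_t total;
    /* Constructed file list: a near-SIZE_MAX entry followed by a small one. */
    const size_t crafted[] = { SIZE_MAX - 1, 8 };
    const size_t normal[] = { 5, 6 };

    printf("unchecked %zu * 2 = %zu\n", huge, unsafe_alloc_size(huge, 2));
    printf("safe_calloc(huge, 2) -> %s\n",
           safe_calloc(huge, 2) ? "buffer" : "NULL (overflow refused)");
    printf("crafted initrd -> %d\n", initrd_total_size(crafted, 2, &total));
    if (initrd_total_size(normal, 2, &total) == 0)
        printf("normal initrd -> %zu bytes\n", total);
    return 0;
}
```

The unchecked product of a huge count and a small element size lands on 0, so a raw malloc() would hand back a tiny buffer that the caller then fills with attacker-controlled length worth of data; the checked variants refuse the allocation instead, which is the behaviour the backported series enforces across GRUB's filesystem and loader code.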
