grub2 (2.14-1~bpo12u2.1) bookworm-backports; urgency=medium * Rebuild for bookworm-backports. * ported from trixie -- Mark Pryor Sun, 18 Jan 2026 09:54:50 -0800 grub2 (2.14-1+deb13u2.1) trixie; urgency=medium * HEAD @ d38d6a1a9b79427848 Release 2.14-2026-01-14 16:46 - initial build -- Mark Pryor Sat, 17 Jan 2026 09:12:53 -0800 grub2 (2.14~rc1-1+deb13u2.4) trixie; urgency=medium * work with tarball @ head -- Mark Pryor Sat, 08 Nov 2025 18:48:31 -0800 grub2 (2.14~git20250718.0e36779-1) experimental; urgency=medium [ Mate Kukri ] * Import git snapshot of upcoming GRUB 2.14 upstream release * d/patches: rebase patches for 2.14 git snapshot * d/rules: add erofs_test to XFAIL test * peimage: add NX support, fix some bugs (LP: #2104316) * Fix ipconfig2 route table parsing (LP: #2088181) [ Luca Boccassi ] * efi images: enable 'bli' module [ Graham Inggs ] * debian/control: mark qemu-system build-dependency [ Pascal Hambourg ] * debian/grub.d/05_debian_theme: quote background image pathname in output [ Mate Kukri ] * Resolve zfs root identification (Closes: #848945) * Check out missing distfiles from upstream git branch * d/build-efi-images: Remove filesystems no longer allowed under lockdown * debian: Remove references to dead ports kfreebsd-* and kopensolaris-* * d/control: Sync dependencies of grub-efi-{riscv64,loong64} with grub-efi-* * d/control: Clean up package relations * debian: Tanglu is a dead distro, drop references to it * debian: Get rid of non-systemd init scripts * debian: Merge grub-common into grub2-common * debian: Get rid of update-grub script for grub-legacy * debian: Remove support for the yeeloong target * Remove support for WUBI (Windows Based Ubuntu Installer) * debian/patches: Drop a number of obsolete patches * Add "noescape" argument to cmdline creation (LP: #2112179) * d/control: Cleanup more package relations * Remove IA64 support * Remove old maintscripts * d/postinst.in: remove grub legacy related functionality * Add Provides grub-common to merged grub2-common * Update Debian specific SBAT line to grub.debian14 for forky -- Mate Kukri Tue, 12 Aug 2025 11:51:55 +0100 grub2 (2.12-9) unstable; urgency=medium * Apply patch by Ben Hutchings to not strip .exec or .image files (Closes: #1072167) -- Felix Zielcke Thu, 03 Jul 2025 18:35:51 +0200 grub2 (2.12-8) unstable; urgency=medium [ Mate Kukri ] * d/default/grub: Always get distributor string from `/etc/os-release` * Avoid adding extra GNU/Linux suffix to menu entries (Closes: #1076723) -- Felix Zielcke Wed, 11 Jun 2025 17:42:34 +0200 grub2 (2.12-7) unstable; urgency=medium [ Mate Kukri ] * Drop NTFS patches that seem to be causing regressions (Closes: #1100486, #1100470) -- Felix Zielcke Sat, 15 Mar 2025 14:55:29 +0100 grub2 (2.12-6) unstable; urgency=medium [ Mate Kukri ] * Fix out of bounds XSDT access, re-enable ACPI SPCR table support [ Miroslav Kure ] * Updated Czech translation of grub debconf messages. (Closes: #1035052) [ Viktar Siarheichyk ] * Updated Belarusian translation. (Closes: #1034905) [ Carles Pina i Estany ] * Update translation [ Felix Zielcke ] * Move d/legacy/* files to grub-legacy. * Remove traces of ../legacy/ dir in d/rules. [ Mate Kukri ] * Cherry-pick upstream security patches * Bump SBAT level to grub,5 * SECURITY UPDATE: video/readers/jpeg: Do not permit duplicate SOF0 markers in JPEG - CVE-2024-45774 * SECURITY UPDATE: commands/extcmd: Missing check for failed allocation - CVE-2024-45775 * SECURITY UPDATE: gettext: Integer overflow leads to heap OOB write or read - CVE-2024-45776 * SECURITY UPDATE: gettext: Integer overflow leads to heap OOB write - CVE-2024-45777 * SECURITY UPDATE: fs/bfs: Integer overflow - CVE-2024-45778 * SECURITY UPDATE: fs/bfs: integer overflow leads to heap OOB read - CVE-2024-45779 * SECURITY UPDATE: fs/tar: Integer overflow leads to heap OOB write - CVE-2024-45780 * SECURITY UPDATE: fs/ufs: `strcpy` use leading to heap OOB write - CVE-2024-45781 * SECURITY UPDATE: fs/hfs: `strcpy` use leading to potential heap OOB write - CVE-2024-45782 * SECURITY UPDATE: fs/hfsplus: incorrect refcount handling leading to UAF - CVE-2024-45783 * SECURITY UPDATE: command/gpg: Use-after-free due to hooks not being removed on module unload - CVE-2025-0622 * SECURITY UPDATE: net: Out-of-bounds write in grub_net_search_config_file() - CVE-2025-0624 * SECURITY UPDATE: UFS: Integer overflow may lead to heap based out-of-bounds write when handling symlinks - CVE-2025-0677 * SECURITY UPDATE: squash4: Integer overflow may lead to heap based out-of-bounds write when reading data - CVE-2025-0678 * SECURITY UPDATE: reiserfs: Integer overflow when handling symlinks may lead to heap based out-of-bounds write when reading data - CVE-2025-0684 * SECURITY UODATE: jfs: Integer overflow when handling symlinks may lead to heap based out-of-bounds write when reading data - CVE-2025-0685 * SECURITY UPDATE: romfs: Integer overflow when handling symlinks may lead to heap based out-of-bounds write when reading data - CVE-2025-0686 * SECURITY UPDATE: udf: Heap based buffer overflow in grub_udf_read_block() may lead to arbitrary code execution - CVE-2025-0689 * SECURITY UPDATE: read: Integer overflow may lead to out-of-bounds write - CVE-2025-0690 * SECURITY UPDATE: commands/dump: The dump command is not in lockdown when secure boot is enabled - CVE-2025-1118 * SECURITY UPDATE: fs/hfs: Integer overflow may lead to heap based out-of-bounds write - CVE-2025-1125 * SECURITY UPDATE: insmod: incorrect refcount handling leading to UAF [LP: #2055835] -- Mate Kukri Sat, 15 Feb 2025 17:17:14 +0000 grub2 (2.12-5) unstable; urgency=medium * Build-Depend on pkgconf instead of pkg-config. * Update legacy/update-grub to correctly check for grub2 core.img * Correct Breaks+Replaces on grub-efi-arm64-unsigned for grub-efi-arm64-bin. (Closes: #1076235) -- Felix Zielcke Mon, 15 Jul 2024 17:05:20 +0200 grub2 (2.12-4) unstable; urgency=medium [ Mate Kukri ] * Determine GRUB_DISTRIBUTOR from os-release and fall back to build-time dpkg vendor [ Felix Zielcke ] * Ship gdb_helper.py in dbg packages. (Closes: #1072164) * Update README.source to mention that we're now using gbp-pq instead of git-dpm. * Add grub-pc+grub2-common Breaks: against grub-legacy (<< 0.97-83~). * Upload to unstable. -- Felix Zielcke Wed, 10 Jul 2024 09:18:01 +0200 grub2 (2.12-3) experimental; urgency=medium [ Colin Watson ] * Update signing-template Uploaders to match main package. [ Mate Kukri ] * d/p/mkconfig-ubuntu-recovery.patch: Use "recovery" instead of "single recovery" for recovery mode bootparams * d/p/revert-term-ns8250-spcr.patch: Revert ACPI SPCR table support (#1062073) * d/p/efidisk-breakup-large-reads.patch: efidisk: Breakup large reads into batches * Revert "d/p/efidisk-breakup-large-reads.patch: efidisk: Breakup large reads into batches" [ Jiajie Chen ] * Enable building for LoongArch64 [ Heinrich Schuchardt ] * d/rules: build monolithic images for all EFI architectures [ Julian Andres Klode ] * Introduce new -unsigned packages to house the pre-built .efi binaries * signing: Use the -unsigned packages as signed build-depends [ Jiajie Chen ] * d/p/sb/efi-use-peimage-shim.patch: add loong64 suppport [ Felix Zielcke ] * Update Breaks/Replaces -efi-{ia32,amd64}-bin to << 2.12-3~ at -unsigned packages. [ Pascal Hambourg ] * 05_debian_theme: cache background picture if not in /boot/grub filesystem * debian/default/grub: Replace 'vbeinfo' with 'videoinfo' * debian/default/grub: Document /etc/default/grub.d/*.cfg [ Tianyu Chen ] * Make grub-common Breaks grub-efi-*-signed (<< 1+2.12~rc1) -- Julian Andres Klode Thu, 25 Apr 2024 16:52:04 +0200 grub2 (2.12-2) unstable; urgency=medium [ Mate Kukri ] * Revert peimage to re-use GRUB's image handle (LP: #2057679) (LP: #2054127) * d/build-efi-images: Make sure downstream didn't remove peimage SBAT entry * SECURITY UPDATE: Use-after-free in peimage module [LP: #2054127] - CVE-2024-2312 [ Julian Andres Klode ] * Bump SBAT level to `grub.peimage,2`; and also bump `grub.debian,5` to make sure we can revoke any downstream users of peimage that forgot to include the grub.peimage component if that should become necessary. -- Julian Andres Klode Fri, 05 Apr 2024 20:45:55 +0200 grub2 (2.12-1) unstable; urgency=medium [ Mate Kukri ] * New upstream version, 2.12 * d/patches: Rebase on `upstream/2.12` and drop superseded patches: - Dropping patches now included upstream: + d/p/ntfs-cve-fixes/*: Fixes for NTFS OOB CVE + d/p/upstream/xfs-*: XFS parsing fixes + d/p/upstream/unmerged-usr-shebang.patch - Dropping patch replaced with configure option: + d/p/dejavu-font-path.patch * d/rules: Pass configure option '--enable-grub-themes' * d/rules: Provide Debian specific DejaVu path via configure * d/{control,rules}: Use default gcc version * d/p/extra_deps_lst.patch: Checkout "extra_deps.lst" from upstream/master * d/p/sb/revert-efi-fallback-to-legacy.patch: Also revert newer fallback patch [ Julian Andres Klode ] * Add Mate to Uploaders -- Mate Kukri Mon, 15 Jan 2024 09:54:55 +0000