CBL-Mariner/SPECS/grub2
Gary Swalling b05435d5ba
Patch grub2 to fix CVE-2021-3695, CVE-2021-3696, CVE-2021-3697, CVE-2022-28733, CVE-2022-28734, CVE-2022-28735, CVE-2022-28736 (#6469)
Backport 30 patches to bring grub 2.06 up to SBAT level 2 and resolve vulnerabilities for CVE-2021-3695, CVE-2021-3696, CVE-2021-3697, CVE-2022-28733, CVE-2022-28734, CVE-2022-28735, and CVE-2022-28736.
2023-10-26 12:45:44 -07:00
..
0001-Add-support-for-Linux-EFI-stub-loading.patch
0002-Rework-linux-command.patch
0003-Rework-linux16-command.patch
0004-Add-secureboot-support-on-efi-chainloader.patch
0005-Make-any-of-the-loaders-that-link-in-efi-mode-honor-.patch
0006-Handle-multi-arch-64-on-32-boot-in-linuxefi-loader.patch
0017-Pass-x-hex-hex-straight-through-unmolested.patch
0037-Replace-a-lot-of-man-pages-with-slightly-nicer-ones.patch
0052-Make-our-info-pages-say-grub2-where-appropriate.patch
0069-Make-pmtimer-tsc-calibration-not-take-51-seconds-to-.patch
0104-Rework-how-the-fdt-command-builds.patch
0112-Try-to-pick-better-locations-for-kernel-and-initrd.patch
0115-x86-efi-Use-bounce-buffers-for-reading-to-addresses-.patch
0116-x86-efi-Re-arrange-grub_cmd_linux-a-little-bit.patch
0117-x86-efi-Make-our-own-allocator-for-kernel-stuff.patch
0118-x86-efi-Allow-initrd-params-cmdline-allocations-abov.patch
0148-efi-Set-image-base-address-before-jumping-to-the-PE-.patch
0149-tpm-Don-t-propagate-TPM-measurement-errors-to-the-ve.patch
0150-x86-efi-Reduce-maximum-bounce-buffer-size-to-16-MiB.patch
0156-efilinux-Fix-integer-overflows-in-grub_cmd_initrd.patch
0157-linuxefi-fail-kernel-validation-without-shim-protoco.patch
0166-grub-install-disable-support-for-EFI-platforms.patch
0167-restore-umask-for-grub-config.patch resolve grub2 CVE (#3393) 2022-07-21 16:00:26 -07:00
0170-fix-memory-alloc-errno-reset.patch grub2: add patch for reseting grub_errno (#3712) 2022-09-14 13:50:28 -07:00
0173-loader-efi-chainloader-Simplify-the-loader-state.patch Patch grub2 to fix CVE-2021-3695, CVE-2021-3696, CVE-2021-3697, CVE-2022-28733, CVE-2022-28734, CVE-2022-28735, CVE-2022-28736 (#6469) 2023-10-26 12:45:44 -07:00
0174-commands-boot-Add-API-to-pass-context-to-loader.patch Patch grub2 to fix CVE-2021-3695, CVE-2021-3696, CVE-2021-3697, CVE-2022-28733, CVE-2022-28734, CVE-2022-28735, CVE-2022-28736 (#6469) 2023-10-26 12:45:44 -07:00
0175-loader-efi-chainloader-Use-grub_loader_set_ex.patch Patch grub2 to fix CVE-2021-3695, CVE-2021-3696, CVE-2021-3697, CVE-2022-28733, CVE-2022-28734, CVE-2022-28735, CVE-2022-28736 (#6469) 2023-10-26 12:45:44 -07:00
0176-kern-efi-sb-Reject-non-kernel-files-in-the-shim_lock.patch Patch grub2 to fix CVE-2021-3695, CVE-2021-3696, CVE-2021-3697, CVE-2022-28733, CVE-2022-28734, CVE-2022-28735, CVE-2022-28736 (#6469) 2023-10-26 12:45:44 -07:00
0177-kern-file-Do-not-leak-device_name-on-error-in-grub_f.patch Patch grub2 to fix CVE-2021-3695, CVE-2021-3696, CVE-2021-3697, CVE-2022-28733, CVE-2022-28734, CVE-2022-28735, CVE-2022-28736 (#6469) 2023-10-26 12:45:44 -07:00
0178-video-readers-png-Abort-sooner-if-a-read-operation-f.patch Patch grub2 to fix CVE-2021-3695, CVE-2021-3696, CVE-2021-3697, CVE-2022-28733, CVE-2022-28734, CVE-2022-28735, CVE-2022-28736 (#6469) 2023-10-26 12:45:44 -07:00
0179-video-readers-png-Refuse-to-handle-multiple-image-he.patch Patch grub2 to fix CVE-2021-3695, CVE-2021-3696, CVE-2021-3697, CVE-2022-28733, CVE-2022-28734, CVE-2022-28735, CVE-2022-28736 (#6469) 2023-10-26 12:45:44 -07:00
0180-video-readers-png-Drop-greyscale-support-to-fix-heap.patch Patch grub2 to fix CVE-2021-3695, CVE-2021-3696, CVE-2021-3697, CVE-2022-28733, CVE-2022-28734, CVE-2022-28735, CVE-2022-28736 (#6469) 2023-10-26 12:45:44 -07:00
0181-video-readers-png-Avoid-heap-OOB-R-W-inserting-huff-.patch Patch grub2 to fix CVE-2021-3695, CVE-2021-3696, CVE-2021-3697, CVE-2022-28733, CVE-2022-28734, CVE-2022-28735, CVE-2022-28736 (#6469) 2023-10-26 12:45:44 -07:00
0182-video-readers-png-Sanity-check-some-huffman-codes.patch Patch grub2 to fix CVE-2021-3695, CVE-2021-3696, CVE-2021-3697, CVE-2022-28733, CVE-2022-28734, CVE-2022-28735, CVE-2022-28736 (#6469) 2023-10-26 12:45:44 -07:00
0183-video-readers-jpeg-Abort-sooner-if-a-read-operation-.patch Patch grub2 to fix CVE-2021-3695, CVE-2021-3696, CVE-2021-3697, CVE-2022-28733, CVE-2022-28734, CVE-2022-28735, CVE-2022-28736 (#6469) 2023-10-26 12:45:44 -07:00
0184-video-readers-jpeg-Do-not-reallocate-a-given-huff-ta.patch Patch grub2 to fix CVE-2021-3695, CVE-2021-3696, CVE-2021-3697, CVE-2022-28733, CVE-2022-28734, CVE-2022-28735, CVE-2022-28736 (#6469) 2023-10-26 12:45:44 -07:00
0185-video-readers-jpeg-Refuse-to-handle-multiple-start-o.patch Patch grub2 to fix CVE-2021-3695, CVE-2021-3696, CVE-2021-3697, CVE-2022-28733, CVE-2022-28734, CVE-2022-28735, CVE-2022-28736 (#6469) 2023-10-26 12:45:44 -07:00
0186-video-readers-jpeg-Block-int-underflow-wild-pointer-.patch Patch grub2 to fix CVE-2021-3695, CVE-2021-3696, CVE-2021-3697, CVE-2022-28733, CVE-2022-28734, CVE-2022-28735, CVE-2022-28736 (#6469) 2023-10-26 12:45:44 -07:00
0187-normal-charset-Fix-array-out-of-bounds-formatting-un.patch Patch grub2 to fix CVE-2021-3695, CVE-2021-3696, CVE-2021-3697, CVE-2022-28733, CVE-2022-28734, CVE-2022-28735, CVE-2022-28736 (#6469) 2023-10-26 12:45:44 -07:00
0188-net-ip-Do-IP-fragment-maths-safely.patch Patch grub2 to fix CVE-2021-3695, CVE-2021-3696, CVE-2021-3697, CVE-2022-28733, CVE-2022-28734, CVE-2022-28735, CVE-2022-28736 (#6469) 2023-10-26 12:45:44 -07:00
0189-net-netbuff-Block-overly-large-netbuff-allocs.patch Patch grub2 to fix CVE-2021-3695, CVE-2021-3696, CVE-2021-3697, CVE-2022-28733, CVE-2022-28734, CVE-2022-28735, CVE-2022-28736 (#6469) 2023-10-26 12:45:44 -07:00
0190-net-dns-Fix-double-free-addresses-on-corrupt-DNS-res.patch Patch grub2 to fix CVE-2021-3695, CVE-2021-3696, CVE-2021-3697, CVE-2022-28733, CVE-2022-28734, CVE-2022-28735, CVE-2022-28736 (#6469) 2023-10-26 12:45:44 -07:00
0191-net-dns-Don-t-read-past-the-end-of-the-string-we-re-.patch Patch grub2 to fix CVE-2021-3695, CVE-2021-3696, CVE-2021-3697, CVE-2022-28733, CVE-2022-28734, CVE-2022-28735, CVE-2022-28736 (#6469) 2023-10-26 12:45:44 -07:00
0192-net-tftp-Prevent-a-UAF-and-double-free-from-a-failed.patch Patch grub2 to fix CVE-2021-3695, CVE-2021-3696, CVE-2021-3697, CVE-2022-28733, CVE-2022-28734, CVE-2022-28735, CVE-2022-28736 (#6469) 2023-10-26 12:45:44 -07:00
0193-net-tftp-Avoid-a-trivial-UAF.patch Patch grub2 to fix CVE-2021-3695, CVE-2021-3696, CVE-2021-3697, CVE-2022-28733, CVE-2022-28734, CVE-2022-28735, CVE-2022-28736 (#6469) 2023-10-26 12:45:44 -07:00
0194-net-http-Do-not-tear-down-socket-if-it-s-already-bee.patch Patch grub2 to fix CVE-2021-3695, CVE-2021-3696, CVE-2021-3697, CVE-2022-28733, CVE-2022-28734, CVE-2022-28735, CVE-2022-28736 (#6469) 2023-10-26 12:45:44 -07:00
0195-net-http-Fix-OOB-write-for-split-http-headers.patch Patch grub2 to fix CVE-2021-3695, CVE-2021-3696, CVE-2021-3697, CVE-2022-28733, CVE-2022-28734, CVE-2022-28735, CVE-2022-28736 (#6469) 2023-10-26 12:45:44 -07:00
0196-net-http-Error-out-on-headers-with-LF-without-CR.patch Patch grub2 to fix CVE-2021-3695, CVE-2021-3696, CVE-2021-3697, CVE-2022-28733, CVE-2022-28734, CVE-2022-28735, CVE-2022-28736 (#6469) 2023-10-26 12:45:44 -07:00
0197-fs-f2fs-Do-not-read-past-the-end-of-nat-journal-entr.patch Patch grub2 to fix CVE-2021-3695, CVE-2021-3696, CVE-2021-3697, CVE-2022-28733, CVE-2022-28734, CVE-2022-28735, CVE-2022-28736 (#6469) 2023-10-26 12:45:44 -07:00
0198-fs-f2fs-Do-not-read-past-the-end-of-nat-bitmap.patch Patch grub2 to fix CVE-2021-3695, CVE-2021-3696, CVE-2021-3697, CVE-2022-28733, CVE-2022-28734, CVE-2022-28735, CVE-2022-28736 (#6469) 2023-10-26 12:45:44 -07:00
0199-fs-f2fs-Do-not-copy-file-names-that-are-too-long.patch Patch grub2 to fix CVE-2021-3695, CVE-2021-3696, CVE-2021-3697, CVE-2022-28733, CVE-2022-28734, CVE-2022-28735, CVE-2022-28736 (#6469) 2023-10-26 12:45:44 -07:00
0200-fs-btrfs-Fix-several-fuzz-issues-with-invalid-dir-it.patch Patch grub2 to fix CVE-2021-3695, CVE-2021-3696, CVE-2021-3697, CVE-2022-28733, CVE-2022-28734, CVE-2022-28735, CVE-2022-28736 (#6469) 2023-10-26 12:45:44 -07:00
0201-fs-btrfs-Fix-more-ASAN-and-SEGV-issues-found-with-fu.patch Patch grub2 to fix CVE-2021-3695, CVE-2021-3696, CVE-2021-3697, CVE-2022-28733, CVE-2022-28734, CVE-2022-28735, CVE-2022-28736 (#6469) 2023-10-26 12:45:44 -07:00
0202-fs-btrfs-Fix-more-fuzz-issues-related-to-chunks.patch Patch grub2 to fix CVE-2021-3695, CVE-2021-3696, CVE-2021-3697, CVE-2022-28733, CVE-2022-28734, CVE-2022-28735, CVE-2022-28736 (#6469) 2023-10-26 12:45:44 -07:00
CVE-2020-10713.nopatch
CVE-2020-14308.nopatch
CVE-2020-14309.nopatch
CVE-2020-14310.nopatch
CVE-2020-14311.nopatch
CVE-2020-14372.nopatch
CVE-2020-25632.nopatch
CVE-2020-25647.nopatch
CVE-2020-27749.nopatch
CVE-2020-27779.nopatch
CVE-2021-3418.nopatch
CVE-2021-20225.nopatch
CVE-2021-20233.nopatch
CVE-2022-2601.patch grub2: patch CVE-2022-2601 in 2.0 (#4511) 2023-01-05 15:26:00 -08:00
CVE-2022-3775.patch Patch CVE-2022-3775 in grub2 (#5654) 2023-06-09 16:29:04 -07:00
grub2.signatures.json Patch grub2 to fix CVE-2021-3695, CVE-2021-3696, CVE-2021-3697, CVE-2022-28733, CVE-2022-28734, CVE-2022-28735, CVE-2022-28736 (#6469) 2023-10-26 12:45:44 -07:00
grub2.spec Patch grub2 to fix CVE-2021-3695, CVE-2021-3696, CVE-2021-3697, CVE-2022-28733, CVE-2022-28734, CVE-2022-28735, CVE-2022-28736 (#6469) 2023-10-26 12:45:44 -07:00
macros.grub2 feat: Enable grub2-mkconfig generation of grub config (#5989) 2023-09-25 12:56:58 -07:00
sbat.csv.in Patch grub2 to fix CVE-2021-3695, CVE-2021-3696, CVE-2021-3697, CVE-2022-28733, CVE-2022-28734, CVE-2022-28735, CVE-2022-28736 (#6469) 2023-10-26 12:45:44 -07:00