- grub2 (2.12-5+rpi1) trixie-staging; urgency=medium
++grub2 (2.12-8+rpi1) trixie-staging; urgency=medium
+
++ [changes brought forward from 2.12-5+rpi1 by Peter Michael Green <plugwash@raspbian.org> at Sun, 28 Jul 2024 22:42:11 +0000]
+ * Treat system as Debian, since we don't have any specific config for
+ raspbian.
+ * Fix clean target.
+
- -- Peter Michael Green <plugwash@raspbian.org> Sun, 28 Jul 2024 22:42:11 +0000
++ -- Raspbian forward porter <root@raspbian.org> Sat, 05 Jul 2025 01:32:54 +0000
++
+ grub2 (2.12-8) unstable; urgency=medium
+
+ [ Mate Kukri ]
+ * d/default/grub: Always get distributor string from `/etc/os-release`
+ * Avoid adding extra GNU/Linux suffix to menu entries (Closes: #1076723)
+
+ -- Felix Zielcke <fzielcke@z-51.de> Wed, 11 Jun 2025 17:42:34 +0200
+
+ grub2 (2.12-7) unstable; urgency=medium
+
+ [ Mate Kukri ]
+ * Drop NTFS patches that seem to be causing regressions
+ (Closes: #1100486, #1100470)
+
+ -- Felix Zielcke <fzielcke@z-51.de> Sat, 15 Mar 2025 14:55:29 +0100
+
+ grub2 (2.12-6) unstable; urgency=medium
+
+ [ Mate Kukri ]
+ * Fix out of bounds XSDT access, re-enable ACPI SPCR table support
+
+ [ Miroslav Kure ]
+ * Updated Czech translation of grub debconf messages. (Closes: #1035052)
+
+ [ Viktar Siarheichyk ]
+ * Updated Belarusian translation. (Closes: #1034905)
+
+ [ Carles Pina i Estany ]
+ * Update translation
+
+ [ Felix Zielcke ]
+ * Move d/legacy/* files to grub-legacy.
+ * Remove traces of ../legacy/ dir in d/rules.
+
+ [ Mate Kukri ]
+ * Cherry-pick upstream security patches
+ * Bump SBAT level to grub,5
+ * SECURITY UPDATE: video/readers/jpeg: Do not permit duplicate SOF0 markers in JPEG
+ - CVE-2024-45774
+ * SECURITY UPDATE: commands/extcmd: Missing check for failed allocation
+ - CVE-2024-45775
+ * SECURITY UPDATE: gettext: Integer overflow leads to heap OOB write or read
+ - CVE-2024-45776
+ * SECURITY UPDATE: gettext: Integer overflow leads to heap OOB write
+ - CVE-2024-45777
+ * SECURITY UPDATE: fs/bfs: Integer overflow
+ - CVE-2024-45778
+ * SECURITY UPDATE: fs/bfs: integer overflow leads to heap OOB read
+ - CVE-2024-45779
+ * SECURITY UPDATE: fs/tar: Integer overflow leads to heap OOB write
+ - CVE-2024-45780
+ * SECURITY UPDATE: fs/ufs: `strcpy` use leading to heap OOB write
+ - CVE-2024-45781
+ * SECURITY UPDATE: fs/hfs: `strcpy` use leading to potential heap OOB write
+ - CVE-2024-45782
+ * SECURITY UPDATE: fs/hfsplus: incorrect refcount handling leading to UAF
+ - CVE-2024-45783
+ * SECURITY UPDATE: command/gpg: Use-after-free due to hooks not being removed on module unload
+ - CVE-2025-0622
+ * SECURITY UPDATE: net: Out-of-bounds write in grub_net_search_config_file()
+ - CVE-2025-0624
+ * SECURITY UPDATE: UFS: Integer overflow may lead to heap based out-of-bounds write when handling symlinks
+ - CVE-2025-0677
+ * SECURITY UPDATE: squash4: Integer overflow may lead to heap based out-of-bounds write when reading data
+ - CVE-2025-0678
+ * SECURITY UPDATE: reiserfs: Integer overflow when handling symlinks may lead to heap based out-of-bounds write when reading data
+ - CVE-2025-0684
+ * SECURITY UODATE: jfs: Integer overflow when handling symlinks may lead to heap based out-of-bounds write when reading data
+ - CVE-2025-0685
+ * SECURITY UPDATE: romfs: Integer overflow when handling symlinks may lead to heap based out-of-bounds write when reading data
+ - CVE-2025-0686
+ * SECURITY UPDATE: udf: Heap based buffer overflow in grub_udf_read_block() may lead to arbitrary code execution
+ - CVE-2025-0689
+ * SECURITY UPDATE: read: Integer overflow may lead to out-of-bounds write
+ - CVE-2025-0690
+ * SECURITY UPDATE: commands/dump: The dump command is not in lockdown when secure boot is enabled
+ - CVE-2025-1118
+ * SECURITY UPDATE: fs/hfs: Integer overflow may lead to heap based out-of-bounds write
+ - CVE-2025-1125
+ * SECURITY UPDATE: insmod: incorrect refcount handling leading to UAF [LP: #2055835]
+
+ -- Mate Kukri <mate.kukri@canonical.com> Sat, 15 Feb 2025 17:17:14 +0000
grub2 (2.12-5) unstable; urgency=medium
projects / grub2.git / commitdiff