ELSA-2020-5790 - grub2 security update
| Type: | SECURITY |
| Impact: | IMPORTANT |
| Release Date: | 2020-07-29 |
Description
[2.02-81.0.4]
- Fix CVE-2020-10713, CVE-2020-14308, CVE-2020-14309, CVE-2020-14310, CVE-2020-14311,
CVE-2020-15705, CVE-2020-15706, CVE-2020-15707 [Orabug: 31225072]
- Update signing certificate for efi binaries
[2.02-0.81.0.2]
- Enable common subpackage build for aarch64
- Disable RHEL patch 0183-efinet-retransmit-if-our-device-is-busy.patch to comply with UEFI spec
- increase timeout to 10ms in efinet.c, [Orabug: 27982684]
[2.02-0.81.0.1]
- Update upstream references [Orabug: 30138841]
- build with the updated Oracle certificate
- Restore symlink to grub environment file, that was removed during grub2-efi update
if grub2 package is also installed on UEFI machines [Orabug: 27345750]
- fix symlink removal scriptlet, to be executed only on removal [Orabug: 19231481]
- Pack files in efidir with disabled rpm verification [Orabug: 27166026]
- Fix comparison in patch for [Orabug: 18504756]
- Remove symlink to grub environment file during uninstall on EFI platforms [Orabug: 19231481]
- replace dynamic EFI boot folder path generation with predefined 'redhat' (Alex Burmashev)
- update Oracle Linux certificates (Alexey Petrenko)
- Put 'with' in menuentry instead of 'using' [Orabug: 18504756]
- Use different titles for UEK and RHCK kernels [Orabug: 18504756]
- changed efidir with 0700 access rights, redhat chose another approach in rhbz#1496952, [Orabug: 28622344]
- revert orabug [Orabug: 27166026] changes
Related CVEs
Updated Packages
| Release/Architecture | Filename | sha256 | Superseded By Advisory | Channel Label |
|
| Oracle Linux 7 (aarch64) | grub2-2.02-0.81.0.4.el7.src.rpm | 3a7ba43179472a5475e3965648436c8494550c14e9a2c46a7fe3994b695dca5c | ELSA-2024-2002 | ol7_aarch64_latest |
| grub2-2.02-0.81.0.4.el7.aarch64.rpm | c5878eb45e8e885c59e769f43eaf95e72882be7a8cf89f447d975999ad2bba8b | ELSA-2024-2002 | ol7_aarch64_latest |
| grub2-efi-aa64-2.02-0.81.0.4.el7.aarch64.rpm | 466f901dc6abf92b2fa2831943cf498b9b16449d1dd78701c90d2e1c611cb911 | ELSA-2023-12952 | ol7_aarch64_latest |
| grub2-efi-aa64-cdboot-2.02-0.81.0.4.el7.aarch64.rpm | 1cf4554f12a5e116443877f8d6659a78962ab66b9a0aea26bcb6a1ec32efa4d8 | ELSA-2023-12952 | ol7_aarch64_latest |
| grub2-tools-2.02-0.81.0.4.el7.aarch64.rpm | dc5a598b8d08f2e03e7ac2f7e6bd318885f3715779e79b8b9a947ab3dba94534 | ELSA-2024-2002 | ol7_aarch64_latest |
| grub2-tools-extra-2.02-0.81.0.4.el7.aarch64.rpm | ce7cf2460a0d924cc57d804b2eed47ff9e607801265989f90fa996f1389439e0 | ELSA-2024-2002 | ol7_aarch64_latest |
| grub2-tools-minimal-2.02-0.81.0.4.el7.aarch64.rpm | c262128d8e2b049b5a670b66f7e29a2803ac65ae94e6c447fd34642bab87bb33 | ELSA-2024-2002 | ol7_aarch64_latest |
This page is generated automatically and has not been checked for errors or omissions. For clarification
or corrections please contact the Oracle Linux ULN team
