Stay Connected:

ELSA-2022-5095

ELSA-2022-5095 - grub2, mokutil, shim, and shim-unsigned-x64 security update

Type:SECURITY
Severity:IMPORTANT
Release Date:2022-07-04

Description


[2.02-123.0.4.el8_6.8]
- enable multiboot2 [Orabug: 34285558]
- backport arm64: Fix EFI loader kernel image allocation [Orabug: 33702462]
- backport Arm: check for the PE magic for the compiled arch [Orabug: 33702462]
- Backport some better script logic for BTRFS support [Orabug: 32448171]
- Do not add shim and grub certificate deps for aarch64 packages [Orabug: 32670033]
- Update Oracle SBAT data [Orabug: 32670033]
- Use new signing certificate [Orabug: 32670033]
- Fix various coverity issues [Orabug: 32530657]
- Set proper blsdir if /boot is on btrfs rootfs [Orabug: 32063327]
- Add CVE-2020-15706, CVE-2020-15707 to the list [Orabug: 31225072]
- honor /etc/sysconfig/kernel DEFAULTKERNEL setting for BLS [Orabug: 30643497]
- set EFIDIR as redhat for additional grub2 tools [Orabug: 29875597]
- Update upstream references [Orabug: 26388226]
- Insert Unbreakable Enterprise Kernel text into BLS config file [Orabug: 29417955]
- fix symlink removal scriptlet, to be executed only on removal [Orabug: 19231481]
- Fix comparison in patch for 18504756
- Remove symlink to grub environment file during uninstall on EFI platforms [Orabug: 19231481]
- Put 'with' in menuentry instead of 'using' [Orabug: 18504756]
- Use different titles for UEK and RHCK kernels [Orabug: 18504756]

[2.06-123.el8_6.8]
- CVE fixes for 2022-06-07
- CVE-2022-28736 CVE-2022-28735 CVE-2022-28734 CVE-2022-28733
- CVE-2021-3697 CVE-2021-3696 CVE-2021-3695
- Resolves: #2031899


Related CVEs


CVE-2022-28737
CVE-2021-3696
CVE-2022-28734
CVE-2021-3695
CVE-2021-3697
CVE-2022-28733
CVE-2022-28735
CVE-2022-28736

Updated Packages


Release/ArchitectureFilenameMD5sumSuperseded By Advisory
Oracle Linux 8 (aarch64) grub2-2.02-123.0.4.el8_6.8.src.rpm52ae1a4c190eef3922b055da62e99933-
grub2-common-2.02-123.0.4.el8_6.8.noarch.rpmdd725034384301ab43ee58a7cf21e17c-
grub2-efi-aa64-2.02-123.0.4.el8_6.8.aarch64.rpmc384db33de1389e46d9a5962613da7f5-
grub2-efi-aa64-cdboot-2.02-123.0.4.el8_6.8.aarch64.rpm834fdc257403ae3d09355b36f5997fc1-
grub2-efi-aa64-modules-2.02-123.0.4.el8_6.8.noarch.rpmac09f78302b3f0f09f1c47b45b12e317-
grub2-efi-ia32-modules-2.02-123.0.4.el8_6.8.noarch.rpmd4a3e67f6193b2886d1786d0fb696e65-
grub2-efi-x64-modules-2.02-123.0.4.el8_6.8.noarch.rpm99d4a76fbae09bf056333356d7e7b512-
grub2-pc-modules-2.02-123.0.4.el8_6.8.noarch.rpmd81f1e1aadd421071daf758f165603ba-
grub2-tools-2.02-123.0.4.el8_6.8.aarch64.rpmdf1e83617ce0df93676d687a38d5e73a-
grub2-tools-extra-2.02-123.0.4.el8_6.8.aarch64.rpm675af603fb23a3b3d2b3e8ca0b27352c-
grub2-tools-minimal-2.02-123.0.4.el8_6.8.aarch64.rpmd91536ac59830d349d10fb8defa83730-
Oracle Linux 8 (x86_64) grub2-2.02-123.0.4.el8_6.8.src.rpm52ae1a4c190eef3922b055da62e99933-
grub2-common-2.02-123.0.4.el8_6.8.noarch.rpmdd725034384301ab43ee58a7cf21e17c-
grub2-efi-aa64-modules-2.02-123.0.4.el8_6.8.noarch.rpmac09f78302b3f0f09f1c47b45b12e317-
grub2-efi-ia32-2.02-123.0.4.el8_6.8.x86_64.rpm851c953fa7935c5538ecf6b23368f37b-
grub2-efi-ia32-cdboot-2.02-123.0.4.el8_6.8.x86_64.rpm30fc3a18c6ce4a5c8046c7dbef8651cf-
grub2-efi-ia32-modules-2.02-123.0.4.el8_6.8.noarch.rpmd4a3e67f6193b2886d1786d0fb696e65-
grub2-efi-x64-2.02-123.0.4.el8_6.8.x86_64.rpm5526b2a14515895d8076abbd70277d1a-
grub2-efi-x64-cdboot-2.02-123.0.4.el8_6.8.x86_64.rpmda14659fc88058db61e43bfe8094b53d-
grub2-efi-x64-modules-2.02-123.0.4.el8_6.8.noarch.rpm99d4a76fbae09bf056333356d7e7b512-
grub2-pc-2.02-123.0.4.el8_6.8.x86_64.rpm4a3ce8c3b4358c7ee612628bb1b8d7b8-
grub2-pc-modules-2.02-123.0.4.el8_6.8.noarch.rpmd81f1e1aadd421071daf758f165603ba-
grub2-tools-2.02-123.0.4.el8_6.8.x86_64.rpm761903724a65e1c287b20649c648ed39-
grub2-tools-efi-2.02-123.0.4.el8_6.8.x86_64.rpme1d7aeacf9d028b090de4e6df90e71b3-
grub2-tools-extra-2.02-123.0.4.el8_6.8.x86_64.rpmee221dc9759b2f2ce0ca3119824883ee-
grub2-tools-minimal-2.02-123.0.4.el8_6.8.x86_64.rpm784c231e03a9a08c80a0ab661ccb99f7-



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete
Subscribe | Careers | Contact Us | Legal Notices | Terms of Use | Your Privacy Rights