ELSA-2023-0752

ULN >
Oracle Linux Errata repository >
ELSA-2023-0752

ELSA-2023-0752 - grub2 security update

Type:	SECURITY
Severity:	MODERATE
Release Date:	2023-06-13

Description

[2.06-46.0.4.el9_1.3]
- Bump SBAT metadata for grub to 3 [Orabug: 34872719]
- Fix CVE-2022-3775 [Orabug: 34871953]
- Enable signing for aarch64 EFI
- Fix signing certificate names
- Enable back btrfs grub module for EFI pre-built image [Orabug: 34360986]
- Replaced bugzilla.oracle.com references [Orabug: 34202300]
- Update provided certificate version to 202204 [JIRA: OLDIS-16371]
- Various coverity fixes [JIRA: OLDIS-16371]
- bump SBAT generation
- Update bug url [Orabug: 34202300]
- Revert provided certificate version back to 202102 [JIRA: OLDIS-16371]
- Update signing certificate [JIRA: OLDIS-16371]
- fix SBAT data [JIRA: OLDIS-16371]
- Update requires [JIRA: OLDIS-16371]
- Rebuild for SecureBoot signatures [Orabug: 33801813]
- Do not add shim and grub certificate deps for aarch64 packages [Orabug: 32670033]
- Update Oracle SBAT data [Orabug: 32670033]
- Use new signing certificate [Orabug: 32670033]
- honor /etc/sysconfig/kernel DEFAULTKERNEL setting for BLS [Orabug: 30643497]
- set EFIDIR as redhat for additional grub2 tools [Orabug: 29875597]
- Update upstream references [Orabug: 26388226]
- Insert Unbreakable Enterprise Kernel text into BLS config file [Orabug: 29417955]
- Put 'with' in menuentry instead of 'using' [Orabug: 18504756]
- Use different titles for UEK and RHCK kernels [Orabug: 18504756]

[2.06-46.el9_1.3]
- Give up on redhat-sb-certs
- Resolves: CVE-2022-2601

[2.06-46.el9_1.2]
- CVE update (actually 2.06-49)
- Resolves: CVE-2022-2601

Related CVEs

CVE-2022-3775

CVE-2022-2601

Updated Packages

Release/Architecture	Filename	MD5sum	Superseded By Advisory

Oracle Linux 9 (aarch64)	grub2-2.06-46.0.4.el9_1.3.src.rpm	15f0e1422602954c14eb5ab227f5f5f0	-
	grub2-common-2.06-46.0.4.el9_1.3.noarch.rpm	d2548938d5b5f633f69eeddacfbce80a	-
	grub2-efi-aa64-2.06-46.0.4.el9_1.3.aarch64.rpm	1a1ed95322cb3275059b9ef64d88372e	-
	grub2-efi-aa64-cdboot-2.06-46.0.4.el9_1.3.aarch64.rpm	13334840e53148c8c8575878c745a139	-
	grub2-efi-aa64-modules-2.06-46.0.4.el9_1.3.noarch.rpm	1c07a68ef0779e98794593d160a434f6	-
	grub2-efi-x64-modules-2.06-46.0.4.el9_1.3.noarch.rpm	0c972f94d360da5704d12aaba004807b	-
	grub2-tools-2.06-46.0.4.el9_1.3.aarch64.rpm	291398449e018d9219ad60be075fdd5f	-
	grub2-tools-extra-2.06-46.0.4.el9_1.3.aarch64.rpm	3dfeee1d40263883e446cf534f6fe7b6	-
	grub2-tools-minimal-2.06-46.0.4.el9_1.3.aarch64.rpm	e020d581f3bb349840a9d4b06615c59a	-

Oracle Linux 9 (x86_64)	grub2-2.06-46.0.4.el9_1.3.src.rpm	15f0e1422602954c14eb5ab227f5f5f0	-
	grub2-common-2.06-46.0.4.el9_1.3.noarch.rpm	d2548938d5b5f633f69eeddacfbce80a	-
	grub2-efi-aa64-modules-2.06-46.0.4.el9_1.3.noarch.rpm	1c07a68ef0779e98794593d160a434f6	-
	grub2-efi-x64-2.06-46.0.4.el9_1.3.x86_64.rpm	e531620e585eb6b4b799a7d282b87ac9	-
	grub2-efi-x64-cdboot-2.06-46.0.4.el9_1.3.x86_64.rpm	1fe60f0f68e9b553cf6014c02d74b410	-
	grub2-efi-x64-modules-2.06-46.0.4.el9_1.3.noarch.rpm	0c972f94d360da5704d12aaba004807b	-
	grub2-pc-2.06-46.0.4.el9_1.3.x86_64.rpm	8f0edd2db9034931eab8bea31ef8c9e3	-
	grub2-pc-modules-2.06-46.0.4.el9_1.3.noarch.rpm	68518a1c4f1ee0c6d656ba372b61bfcc	-
	grub2-tools-2.06-46.0.4.el9_1.3.x86_64.rpm	15d94cf4ce794cb1c0e1431b648af2b0	-
	grub2-tools-efi-2.06-46.0.4.el9_1.3.x86_64.rpm	04bc4c09e572cb32b6aff635c711132f	-
	grub2-tools-extra-2.06-46.0.4.el9_1.3.x86_64.rpm	45ff3bf68fcf908463db623f9d56da13	-
	grub2-tools-minimal-2.06-46.0.4.el9_1.3.x86_64.rpm	a10f2d1c211a6acfa80c7b2978c78329	-

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691