Bug#991693: Possible CVE-2014-5461 in grub-pc

Movses Tovmasyan movsestovmasyan10 at gmail.com
Fri Jul 30 11:53:25 BST 2021


Package: grub-pc
Version: 2.02+dfsg1-20+deb10u4
Tags: patch

grub-pc uses the obsolete version of minilua
(single-file port of Lua) which has CVE-2014-5461
Patch attached below.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/pkg-grub-devel/attachments/20210730/d156f32c/attachment-0001.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: patch.png
Type: image/png
Size: 198479 bytes
Desc: not available
URL: <http://alioth-lists.debian.net/pipermail/pkg-grub-devel/attachments/20210730/d156f32c/attachment-0001.png>


More information about the Pkg-grub-devel mailing list