grub2_2.12-6_source.changes ACCEPTED into unstable

Debian FTP Masters ftpmaster at ftp-master.debian.org
Thu Mar 13 12:34:25 GMT 2025


Thank you for your contribution to Debian.



Accepted:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sat, 15 Feb 2025 17:17:14 +0000
Source: grub2
Architecture: source
Version: 2.12-6
Distribution: unstable
Urgency: medium
Maintainer: GRUB Maintainers <pkg-grub-devel at alioth-lists.debian.net>
Changed-By: Mate Kukri <mate.kukri at canonical.com>
Closes: 1034905 1035052
Changes:
 grub2 (2.12-6) unstable; urgency=medium
 .
   [ Mate Kukri ]
   * Fix out of bounds XSDT access, re-enable ACPI SPCR table support
 .
   [ Miroslav Kure ]
   * Updated Czech translation of grub debconf messages. (Closes: #1035052)
 .
   [ Viktar Siarheichyk ]
   * Updated Belarusian translation. (Closes: #1034905)
 .
   [ Carles Pina i Estany ]
   * Update translation
 .
   [ Felix Zielcke ]
   * Move d/legacy/* files to grub-legacy.
   * Remove traces of ../legacy/ dir in d/rules.
 .
   [ Mate Kukri ]
   * Cherry-pick upstream security patches
   * Bump SBAT level to grub,5
   * SECURITY UPDATE: video/readers/jpeg: Do not permit duplicate SOF0 markers in JPEG
     - CVE-2024-45774
   * SECURITY UPDATE: commands/extcmd: Missing check for failed allocation
     - CVE-2024-45775
   * SECURITY UPDATE: gettext: Integer overflow leads to heap OOB write or read
     - CVE-2024-45776
   * SECURITY UPDATE: gettext: Integer overflow leads to heap OOB write
     - CVE-2024-45777
   * SECURITY UPDATE: fs/bfs: Integer overflow
     - CVE-2024-45778
   * SECURITY UPDATE: fs/bfs: integer overflow leads to heap OOB read
     - CVE-2024-45779
   * SECURITY UPDATE: fs/tar: Integer overflow leads to heap OOB write
     - CVE-2024-45780
   * SECURITY UPDATE: fs/ufs: `strcpy` use leading to heap OOB write
     - CVE-2024-45781
   * SECURITY UPDATE: fs/hfs: `strcpy` use leading to potential heap OOB write
     - CVE-2024-45782
   * SECURITY UPDATE: fs/hfsplus: incorrect refcount handling leading to UAF
     - CVE-2024-45783
   * SECURITY UPDATE: command/gpg: Use-after-free due to hooks not being removed on module unload
     - CVE-2025-0622
   * SECURITY UPDATE: net: Out-of-bounds write in grub_net_search_config_file()
     - CVE-2025-0624
   * SECURITY UPDATE: UFS: Integer overflow may lead to heap based out-of-bounds write when handling symlinks
     - CVE-2025-0677
   * SECURITY UPDATE: squash4: Integer overflow may lead to heap based out-of-bounds write when reading data
     - CVE-2025-0678
   * SECURITY UPDATE: reiserfs: Integer overflow when handling symlinks may lead to heap based out-of-bounds write when reading data
     - CVE-2025-0684
   * SECURITY UPDATE: jfs: Integer overflow when handling symlinks may lead to heap based out-of-bounds write when reading data
     - CVE-2025-0685
   * SECURITY UPDATE: romfs: Integer overflow when handling symlinks may lead to heap based out-of-bounds write when reading data
     - CVE-2025-0686
   * SECURITY UPDATE: udf: Heap based buffer overflow in grub_udf_read_block() may lead to arbitrary code execution
     - CVE-2025-0689
   * SECURITY UPDATE: read: Integer overflow may lead to out-of-bounds write
     - CVE-2025-0690
   * SECURITY UPDATE: commands/dump: The dump command is not in lockdown when secure boot is enabled
     - CVE-2025-1118
   * SECURITY UPDATE: fs/hfs: Integer overflow may lead to heap based out-of-bounds write
     - CVE-2025-1125
   * SECURITY UPDATE: insmod: incorrect refcount handling leading to UAF [LP: #2055835]


-----BEGIN PGP SIGNATURE-----
-----END PGP SIGNATURE-----
