Alerts This Week
Warning Icon 1 916
Alerts This Week
Warning Icon 1 916

Fedora 39: FEDORA-2024-53d986312e moderate: grub2 Security Fix

fedora
Calendar Grey February 5, 2024
Dist Fedora Esm H88
Comprehensive revision for Fedora 39 tackling improvements and a vulnerability in grub2, boosting overall system reliability and protection.
Combined update for several fixes as well as security fix for CVE-2023-4001 ``` Mon Jan 15 2024 Nicolas Frayer nfrayer@redhat.com - 2.06-116 grub-core/commands: add flag to only se...

Summary

The GRand Unified Bootloader (GRUB) is a highly configurable and

customizable bootloader with modular architecture. It supports a rich

variety of kernel formats, file systems, computer architectures and

hardware devices.

Update Information:

Combined update for several fixes as well as security fix for CVE-2023-4001 ``` Mon Jan 15 2024 Nicolas Frayer nfrayer@redhat.com - 2.06-116 grub-core/commands: add flag to only search root dev Resolves: #2223437 Resolves: #2224951 Resolves: #2258096 Resolves: CVE-2023-4001 Sat Jan 13 2024 Hector Martin marcan@fedoraproject.org - 2.06-115 Switch memdisk compression to lzop Thu Jan 11 2024 Daan De Meyer daan.j.demeyer@gmail.com - 2.06-114 Don't obsolete the tools package with minimal Mon Jan 8 2024 Nicolas Frayer - 2.06-113 xfs: some bios systems with /boot partition created with xfsprog < 6.5.0 can't boot with one of the xfs upstream patches Resolves: #2254370 Tue Dec 19 2023 Nicolas Frayer - 2.06-112 normal: fix prefix when loading modules Resolves: #2209435 Resolves: #2173015 Tue Dec 12 2023 leo sandoval - 2.06-111 chainloader: remove device path debug message ```

Topics%20covered

Topics Covered

security advisory Fedora security fix grub2 bootloader

Change Log

* Mon Jan 15 2024 Nicolas Frayer - 2.06-116 - grub-core/commands: add flag to only search root dev - Resolves: #2223437 - Resolves: #2224951 - Resolves: #2258096 - Resolves: CVE-2023-4001 * Sat Jan 13 2024 Hector Martin - 2.06-115 - Switch memdisk compression to lzop * Thu Jan 11 2024 Daan De Meyer - 2.06-114 - Don't obsolete the tools package with minimal * Mon Jan 8 2024 Nicolas Frayer - 2.06-113 - xfs: some bios systems with /boot partition created with xfsprog < 6.5.0 can't boot with one of the xfs upstream patches - Resolves: #2254370 * Tue Dec 19 2023 Nicolas Frayer - 2.06-112 - normal: fix prefix when loading modules - Resolves: #2209435 - Resolves: #2173015 * Tue Dec 12 2023 leo sandoval - 2.06-111 - chainloader: remove device path debug message

References


[ 1 ] Bug #2224951 - CVE-2023-4001 grub2: bypass the GRUB password protection feature https://bugzilla.redhat.com/show_bug.cgi?id=2224951

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2024-53d986312e' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html

Name: grub2
Product: Fedora 39
Version: 2.06
Release: 116.fc39
URL:
Summary: Bootloader with support for Linux, Multiboot and more

Topics%20covered

Topics Covered

security advisory Fedora security fix grub2 bootloader

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here