Oracle alert ELSA-2026-5233 (grub2)
| From: | Errata Announcements for Oracle Linux via El-errata <el-errata@oss.oracle.com> | |
| To: | el-errata@oss.oracle.com | |
| Subject: | [El-errata] ELSA-2026-5233 Moderate: Oracle Linux 7 grub2 security update | |
| Date: | Mon, 13 Apr 2026 21:53:57 -0700 | |
| Message-ID: | <mailman.26.1776339352.31.el-errata@oss.oracle.com> |
Oracle Linux Security Advisory ELSA-2026-5233 http://linux.oracle.com/errata/ELSA-2026-5233.html The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network: x86_64: grub2-2.02-0.87.0.29.el7_9.14.x86_64.rpm grub2-common-2.02-0.87.0.29.el7_9.14.noarch.rpm grub2-efi-ia32-2.02-0.87.0.29.el7_9.14.x86_64.rpm grub2-efi-ia32-cdboot-2.02-0.87.0.29.el7_9.14.x86_64.rpm grub2-efi-ia32-modules-2.02-0.87.0.29.el7_9.14.noarch.rpm grub2-efi-x64-2.02-0.87.0.29.el7_9.14.x86_64.rpm grub2-efi-x64-cdboot-2.02-0.87.0.29.el7_9.14.x86_64.rpm grub2-efi-x64-modules-2.02-0.87.0.29.el7_9.14.noarch.rpm grub2-pc-2.02-0.87.0.29.el7_9.14.x86_64.rpm grub2-pc-modules-2.02-0.87.0.29.el7_9.14.noarch.rpm grub2-tools-2.02-0.87.0.29.el7_9.14.x86_64.rpm grub2-tools-extra-2.02-0.87.0.29.el7_9.14.x86_64.rpm grub2-tools-minimal-2.02-0.87.0.29.el7_9.14.x86_64.rpm SRPMS: http://oss.oracle.com/ol7/SRPMS-updates/grub2-2.02-0.87.0... Related CVEs: CVE-2025-61662 Description of changes: [2.02-0.87.0.29.el7.14] - Unregister gettext command on module unload [CVE-2025-61662][Orabug: 39112125] [2.02-0.87.0.27.el7.14] - Fix OOB write in grub_net_search_config_file() CVE-2025-0624 [Orabug: 37770226] - Also adds implementation of grub_strlcpy() for clean backport [2.02-0.87.0.26.el7.14] - Replace bugzilla.oracle.com reference [Orabug: 35477723] - Backport kernel EFI allocation pacthes [Orabug: 34301086] - Add to the list CVE-2021-3695, CVE-2021-3696, CVE-2021-3697, CVE-2022-28734, CVE-2022-28735, CVE-2022-28736 [JIRA: OLDIS-16371] - bump SBAT generation [JIRA: OLDIS-16371] - Cleanup XEN shell script (Alex Burmashev) [Orabug: 33851417] - Update SBAT data (Alex Burmashev) [Orabug: 33851417] - efinet: change SNP open call (Alex Burmashev) [Orabug: 32646964] - disable buggy 0183-efinet-retransmit-if-our-device-is-busy.patch [Orabug: 27982684] - Patch multiboot2 to the recent state [Orabug: 32950597] - Enable multiboot2 for UEFI ( non Secureboot ) mode [Orabug: 32950597] - Update signing certificate [Orabug: 32670043] - Update shim and certificates dependencies [Orabug: 32670043] - xfs: Don't attempt to iterate over empty directory [Orabug: 32584717] - add SBAT metadata for Oracle Linux grub2 - Use similar format for menu entry in grub environment block - config file. [Orabug: 32172943] - Fix degradation in multiboot2 code [Orabug: 32069510] - Update signing certificate for efi binaries - Update upstream references [Orabug: 30138841] - Restore symlink to grub environment file, that was removed during grub2-efi update if grub2 package is also installed on UEFI machines [Orabug: 27345750] - fix symlink removal scriptlet, to be executed only on removal [Orabug: 19231481] - Fix comparison in patch for [Orabug: 18504756] - Remove symlink to grub environment file during uninstall on EFI platforms [Orabug: 19231481] - replace dynamic EFI boot folder path generation with predefined 'redhat' (Alex Burmashev) - Put "with" in menuentry instead of "using" [Orabug: 18504756] - Use different titles for UEK and RHCK kernels [Orabug: 18504756] [2.02-087.el7.14] - Rebuild for signing - Related: RHEL-23460 [2.02-087.el7.13] - safemath: add grub_cast for gcc < 5.1 - Related: RHEL-23460 [2.02-087.el7.12] - Font CVE fixes and bump SBAT (CVE-2022-2601) - Resolves: RHEL-23460 [2.02-087.el7.11] - Bump sbat - Resolves: CVE-2022-28733 [2.02-087.el7.10] - Backport the relevant CVE fixes from the 2022-05-24 drop - Resolves: CVE-2022-28733 [2.02-087.el7.9] - Bump for signing - Resolves: #1892860 [2.02-0.87.el7.8] - Fix accidental reboot in grub_exit - Resolves: #1892860 _______________________________________________ El-errata mailing list El-errata@oss.oracle.com https://oss.oracle.com/mailman/listinfo/el-errata