User: Password:
Subscribe / Log in / New account

Fedora alert FEDORA-2012-7579 (grub2)

Subject:  [SECURITY] Fedora 16 Update: grub2-1.99-13.fc16.3
Date:  Thu, 10 May 2012 14:20:18 +0000
Message-ID:  <>
Archive-link:  Article, Thread

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2012-7579 2012-05-10 03:42:01 -------------------------------------------------------------------------------- Name : grub2 Product : Fedora 16 Version : 1.99 Release : 13.fc16.3 URL : Summary : Bootloader with support for Linux, Multiboot and more Description : The GRand Unified Bootloader (GRUB) is a highly configurable and customizable bootloader with modular architecture. It support rich varietyof kernel formats, file systems, computer architectures and hardware devices. -------------------------------------------------------------------------------- Update Information: Don't allow non-root users to view contents of /etc/grub.d (CVE-2012-2314) -------------------------------------------------------------------------------- ChangeLog: * Mon May 7 2012 Peter Jones <> - 1.99-13.3 - Work around #819031 . * Mon Mar 12 2012 Adam Williamson <> - 1:1.99-13.2 - Build with -Os for both grub2-efi and regular grub2 (complete fix for 782144) (thanks Ian Collier) * Fri Feb 17 2012 Orion Poplawski <> - 1:1.99-13.1 - Build with -Os (bug 782144) * Thu Dec 8 2011 Adam Williamson <> - 1.99-13 - fix hardwired call to grub-probe in 30_os-prober (rhbz#737203) * Mon Nov 7 2011 Peter Jones <> - 1.99-12 - Lots of .spec fixes from Mads Kiilerich: Remove comment about update-grub - it isn't run in any scriptlets patch info pages so they can be installed and removed correctly when renamed fix references to grub/grub2 renames in info pages (#743964) update README.Fedora (#734090) fix comments for the hack for upgrading from grub2 < 1.99-4 fix sed syntax error preventing use of $RPM_OPT_FLAGS (#704820) make /etc/grub2*.cfg %config(noreplace) make grub.cfg %ghost - an empty file is of no use anyway create /etc/default/grub more like anaconda would create it (#678453) don't create rescue entries by default - grubby will not maintain them anyway set GRUB_SAVEDEFAULT=true so saved defaults works (rbhz#732058) grub2-efi should have its own bash completion don't set gfxpayload in efi mode - backport upstream r3402 - Handle dmraid better. Resolves: rhbz#742226 -------------------------------------------------------------------------------- References: [ 1 ] Bug #819031 - CVE-2012-2314 anaconda: Weak permissions by writing password configuration file in bootloader configuration module -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update grub2' at the command line. For more information, refer to "Managing Software with yum", available at All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list

(Log in to post comments)

Copyright © 2018, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds