User: Password:
|
|
Subscribe / Log in / New account

Fedora alert FEDORA-2012-7579 (grub2)

From:  updates@fedoraproject.org
To:  package-announce@lists.fedoraproject.org
Subject:  [SECURITY] Fedora 16 Update: grub2-1.99-13.fc16.3
Date:  Thu, 10 May 2012 14:20:18 +0000
Message-ID:  <20120510142018.E0D1E20E84@bastion01.phx2.fedoraproject.org>
Archive-link:  Article, Thread

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2012-7579 2012-05-10 03:42:01 -------------------------------------------------------------------------------- Name : grub2 Product : Fedora 16 Version : 1.99 Release : 13.fc16.3 URL : http://www.gnu.org/software/grub/ Summary : Bootloader with support for Linux, Multiboot and more Description : The GRand Unified Bootloader (GRUB) is a highly configurable and customizable bootloader with modular architecture. It support rich varietyof kernel formats, file systems, computer architectures and hardware devices. -------------------------------------------------------------------------------- Update Information: Don't allow non-root users to view contents of /etc/grub.d (CVE-2012-2314) -------------------------------------------------------------------------------- ChangeLog: * Mon May 7 2012 Peter Jones <pjones@redhat.com> - 1.99-13.3 - Work around #819031 . * Mon Mar 12 2012 Adam Williamson <awilliam@redhat.com> - 1:1.99-13.2 - Build with -Os for both grub2-efi and regular grub2 (complete fix for 782144) (thanks Ian Collier) * Fri Feb 17 2012 Orion Poplawski <orion@cora.nwra.com> - 1:1.99-13.1 - Build with -Os (bug 782144) * Thu Dec 8 2011 Adam Williamson <awilliam@redhat.com> - 1.99-13 - fix hardwired call to grub-probe in 30_os-prober (rhbz#737203) * Mon Nov 7 2011 Peter Jones <pjones@redhat.com> - 1.99-12 - Lots of .spec fixes from Mads Kiilerich: Remove comment about update-grub - it isn't run in any scriptlets patch info pages so they can be installed and removed correctly when renamed fix references to grub/grub2 renames in info pages (#743964) update README.Fedora (#734090) fix comments for the hack for upgrading from grub2 < 1.99-4 fix sed syntax error preventing use of $RPM_OPT_FLAGS (#704820) make /etc/grub2*.cfg %config(noreplace) make grub.cfg %ghost - an empty file is of no use anyway create /etc/default/grub more like anaconda would create it (#678453) don't create rescue entries by default - grubby will not maintain them anyway set GRUB_SAVEDEFAULT=true so saved defaults works (rbhz#732058) grub2-efi should have its own bash completion don't set gfxpayload in efi mode - backport upstream r3402 - Handle dmraid better. Resolves: rhbz#742226 -------------------------------------------------------------------------------- References: [ 1 ] Bug #819031 - CVE-2012-2314 anaconda: Weak permissions by writing password configuration file in bootloader configuration module https://bugzilla.redhat.com/show_bug.cgi?id=819031 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update grub2' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list package-announce@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/package-...


(Log in to post comments)


Copyright © 2018, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds