SUSE alert SUSE-SU-2019:13989-1 (grub2)
| From: | <sle-security-updates@lists.suse.com> | |
| To: | <sle-security-updates@lists.suse.com> | |
| Subject: | SUSE-SU-2019:13989-1: moderate: Security update for grub2 | |
| Date: | Wed, 27 Mar 2019 15:25:17 +0100 | |
| Message-ID: | <20190327142517.C8DDAFF2D@maintenance.suse.de> |
SUSE Security Update: Security update for grub2 ______________________________________________________________________________ Announcement ID: SUSE-SU-2019:13989-1 Rating: moderate References: #1045063 #1124662 Cross-References: CVE-2017-9763 Affected Products: SUSE Linux Enterprise Server 11-SP4 SUSE Linux Enterprise Debuginfo 11-SP4 ______________________________________________________________________________ An update that solves one vulnerability and has one errata is now available. Description: This update for grub2 fixes the following issues: Security issue fixed: - CVE-2017-9763: Fixed a memory leak in grub_ext2_read_block (bsc#1045063) Other issues addressed: - Added support for tftp block counter roll-over and backported support for efinetSNP open (bsc#1124662). Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11-SP4: zypper in -t patch slessp4-grub2-13989=1 - SUSE Linux Enterprise Debuginfo 11-SP4: zypper in -t patch dbgsp4-grub2-13989=1 Package List: - SUSE Linux Enterprise Server 11-SP4 (x86_64): grub2-x86_64-efi-2.00-0.66.8.1 grub2-x86_64-xen-2.00-0.66.8.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (x86_64): grub2-debuginfo-2.00-0.66.8.1 grub2-debugsource-2.00-0.66.8.1 References: https://www.suse.com/security/cve/CVE-2017-9763.html https://bugzilla.suse.com/1045063 https://bugzilla.suse.com/1124662 _______________________________________________ sle-security-updates mailing list sle-security-updates@lists.suse.com http://lists.suse.com/mailman/listinfo/sle-security-updates