-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Mon, 02 Oct 2023 16:11:34 +0200 Source: grub2 Binary: grub-common grub-common-dbgsym grub-mount-udeb grub-theme-starfield grub-yeeloong grub-yeeloong-bin grub-yeeloong-dbg grub2-common grub2-common-dbgsym Architecture: mipsel Version: 2.06-3~deb11u6 Distribution: bullseye-security Urgency: medium Maintainer: mipsel Build Daemon (mipsel-osuosl-03) Changed-By: Julian Andres Klode Description: grub-common - GRand Unified Bootloader (common files) grub-mount-udeb - export GRUB filesystems using FUSE (udeb) grub-theme-starfield - GRand Unified Bootloader, version 2 (starfield theme) grub-yeeloong - GRand Unified Bootloader, version 2 (Yeeloong version) grub-yeeloong-bin - GRand Unified Bootloader, version 2 (Yeeloong modules) grub-yeeloong-dbg - GRand Unified Bootloader, version 2 (Yeeloong debug files) grub2-common - GRand Unified Bootloader (common files for version 2) Changes: grub2 (2.06-3~deb11u6) bullseye-security; urgency=medium . [ Mate Kukri ] * SECURITY UPDATE: Crafted file system images can cause out-of-bounds write and may leak sensitive information into the GRUB pager. - d/patches/ntfs-cve-fixes/fs-ntfs-Fix-an-OOB-read-when-parsing-a-volume- label.patch: fs/ntfs: Fix an OOB read when parsing a volume label - d/patches/ntfs-cve-fixes/fs-ntfs-Fix-an-OOB-read-when-parsing-bs-for- index-at.patch: fs/ntfs: Fix an OOB read when parsing bitmaps for index attributes - d/patches/ntfs-cve-fixes/fs-ntfs-Fix-an-OOB-read-when-parsing-dory- entries-fr.patch: fs/ntfs: Fix an OOB read when parsing directory entries from resident and non-resident index attributes - d/patches/ntfs-cve-fixes/fs-ntfs-Fix-an-OOB-read-when-reading-data-fhe- reside.patch: fs/ntfs: Fix an OOB read when reading data from the resident $DATA + attribute - CVE-2023-4693 * SECURITY UPDATE: Crafted file system images can cause heap-based buffer overflow and may allow arbitrary code execution and secure boot bypass. - d/patches/ntfs-cve-fixes/fs-ntfs-Fix-an-OOB-write-when-parsing-the- ATTRIBUTE_LIST-.patch: fs/ntfs: Fix an OOB write when parsing the $ATTRIBUTE_LIST attribute for the $MFT file - d/patches/ntfs-cve-fixes/fs-ntfs-Make-code-more-readable.patch fs/ntfs: Make code more readable - CVE-2023-4692 . [ Julian Andres Klode ] * Bump SBAT to grub,4 Checksums-Sha1: c54ac6adc6677f54a8c3b5e55a62e2419ac34339 10647040 grub-common-dbgsym_2.06-3~deb11u6_mipsel.deb cdc777bcf64db14b03d869447934742fe5a18df5 2932256 grub-common_2.06-3~deb11u6_mipsel.deb ef4a1de04b0099abd4c9df1bcc8bf7736b9c2e87 451692 grub-mount-udeb_2.06-3~deb11u6_mipsel.udeb ee4c9527de64bd493da2b84e255c4ebe3f75a891 2394820 grub-theme-starfield_2.06-3~deb11u6_mipsel.deb 6251ceaa71b30979ecdb5ff3605c23e4e9577a4a 976084 grub-yeeloong-bin_2.06-3~deb11u6_mipsel.deb 8321c4faa2d81bbdafd776d68b07a56bd3b652e1 2937252 grub-yeeloong-dbg_2.06-3~deb11u6_mipsel.deb 22ea0a1a80246f3c217e30c9ffce60bbe5a07f3c 279928 grub-yeeloong_2.06-3~deb11u6_mipsel.deb 5f82f59dd8ee004e83ad5ea9dcf4d97a290975ec 1484772 grub2-common-dbgsym_2.06-3~deb11u6_mipsel.deb 2b6833fd0107e94182689f6d8ff75bb49cdf055f 871704 grub2-common_2.06-3~deb11u6_mipsel.deb 78aa8d8adf4bd5f4ab094d842da5d4f3b1665d31 13071 grub2_2.06-3~deb11u6_mipsel-buildd.buildinfo Checksums-Sha256: 83ebfbee163841e71abca45d5756a11920078cb068616516911554d9efad8304 10647040 grub-common-dbgsym_2.06-3~deb11u6_mipsel.deb 4ada485a28294bcf4df910237dcfc0f435dbe73e3ebef1907d40e23421c933d9 2932256 grub-common_2.06-3~deb11u6_mipsel.deb 6c9e8672a9d6948dc7888e8d29be46aad0d6a07b88094f22c1a221632df68346 451692 grub-mount-udeb_2.06-3~deb11u6_mipsel.udeb 49dbc34692b2838f820ff595cbb3af7318b44c7d6e1c8f0271c1cc6be0bb6084 2394820 grub-theme-starfield_2.06-3~deb11u6_mipsel.deb 9cb97545536c047f72f39296fa0f4d87252cf8de1d8aee3ca45771b3517d9119 976084 grub-yeeloong-bin_2.06-3~deb11u6_mipsel.deb 38e395bac1310557521264ed7394000f9c24e95c38d10e79fbaf59534b36feed 2937252 grub-yeeloong-dbg_2.06-3~deb11u6_mipsel.deb 84a3d7f8679835244ce3f264f216e16b960462a1de76d65b981c7fe895c31849 279928 grub-yeeloong_2.06-3~deb11u6_mipsel.deb 91a7af956add20fd500904b02ae9a2b4ef01ac92e5fd00f247b3ac4b742a5c4a 1484772 grub2-common-dbgsym_2.06-3~deb11u6_mipsel.deb d4a68cea0c073d3fd28129aa6aa37cf84151183d737da6e3fee959bc964320d9 871704 grub2-common_2.06-3~deb11u6_mipsel.deb d38898a8354d2eacdabfd030c5e7d2f520c41aa7413da1b29fbcfeea2a36f0e5 13071 grub2_2.06-3~deb11u6_mipsel-buildd.buildinfo Files: 2ee939754b927150b9b3fb50c234606e 10647040 debug optional grub-common-dbgsym_2.06-3~deb11u6_mipsel.deb bb0ae183b33ffa5020a9f58929d63e40 2932256 admin optional grub-common_2.06-3~deb11u6_mipsel.deb ac3547597f412be9d940056ea9507cf1 451692 debian-installer optional grub-mount-udeb_2.06-3~deb11u6_mipsel.udeb fcb167d18ffb3a2c3f70a204386e3755 2394820 admin optional grub-theme-starfield_2.06-3~deb11u6_mipsel.deb 021dbc3c36285a5870626cf5ef3a78fa 976084 admin optional grub-yeeloong-bin_2.06-3~deb11u6_mipsel.deb f52fb86618a4b612b834fba3436d3d3f 2937252 debug optional grub-yeeloong-dbg_2.06-3~deb11u6_mipsel.deb 28b17819b23422ad9d80363e744b73af 279928 admin optional grub-yeeloong_2.06-3~deb11u6_mipsel.deb 25e89a0a7a7c1746f342e4927f316b07 1484772 debug optional grub2-common-dbgsym_2.06-3~deb11u6_mipsel.deb 44d8c45ec85027c25877642fb84187e9 871704 admin optional grub2-common_2.06-3~deb11u6_mipsel.deb fa932313a4668dfc466feb4a0ca65dd5 13071 admin optional grub2_2.06-3~deb11u6_mipsel-buildd.buildinfo -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEXUZVEjohYGA7PDpMojl408mCs9YFAmUcUP0ACgkQojl408mC s9ZOGhAAgHyJ0g6wyAmvLLlkG3BVYnHlw2bmWbNvjfn/h5v5tKy/66+EggfdyRz4 +AXSXxAvJC+0AieTx9qgA/WIsejZUTIBrwLPDBZ14shAyYfxKe7/mRfAPn2ef5a8 frfXtW3ikOk/x2JQuC3pcSOB1Pr7D/4rpxpCRzqEDZCkin9NzFH7f+dosXZX8pJU a54Zgzv7gKBoIEqsTvG3hMgIdR+ogu9WdDHZfx00KjvJiTzRD6AnVrYLqDwNdGgE 86gghK2vyCFqpCVcc8R6Ogcg3ePxLV983152btdylPlV6LrGEMTGCodkgqWWyZ8h wI/uJ7Ss41hlg9Qz/n+FkRy4MVCRyEzE3Y4vgQRGi1t50tFmJy326gaM7kI19CBv aCgbNDu/X3HpLsSygtChPJQJuc+o/Fe+zAdCTbQXlVENpit//JEUf53M7eu4H9XZ E0TBu0RRUUCQtdAGSZdaGdCUM9v5vpshLRT7Cs3+FnReaPVj8W2zq0pM62kGIPWP hNEhUSz0fCPs6wpMM+/POgVuK29v+HojWSJxMzaqAT22+MOaCfDAdoKkLbnX7JjY JUnA8Oh+Jbbf7TsJqUILv0dlLSX2Fs0GFNvYA+ELZ7odiBZClsWncsbvYH/7JjKk ECznzcynqzVRtE06BSIBiXbbqUMb7YYJYsyl5+VHatdGAWwZknI= =4Y9T -----END PGP SIGNATURE-----