-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Mon, 02 Oct 2023 16:11:34 +0200
Source: grub2
Architecture: source
Version: 2.06-13+deb12u1
Distribution: bookworm-security
Urgency: medium
Maintainer: GRUB Maintainers <pkg-grub-devel@alioth-lists.debian.net>
Changed-By: Julian Andres Klode <jak@debian.org>
Changes:
 grub2 (2.06-13+deb12u1) bookworm-security; urgency=medium
 .
   [ Mate Kukri ]
   * SECURITY UPDATE: Crafted file system images can cause out-of-bounds write
     and may leak sensitive information into the GRUB pager.
     - d/patches/ntfs-cve-fixes/fs-ntfs-Fix-an-OOB-read-when-parsing-a-volume-
       label.patch:
       fs/ntfs: Fix an OOB read when parsing a volume label
     - d/patches/ntfs-cve-fixes/fs-ntfs-Fix-an-OOB-read-when-parsing-bs-for-
       index-at.patch:
       fs/ntfs: Fix an OOB read when parsing bitmaps for index attributes
     - d/patches/ntfs-cve-fixes/fs-ntfs-Fix-an-OOB-read-when-parsing-dory-
       entries-fr.patch:
       fs/ntfs: Fix an OOB read when parsing directory entries from resident and
       non-resident index attributes
     - d/patches/ntfs-cve-fixes/fs-ntfs-Fix-an-OOB-read-when-reading-data-fhe-
       reside.patch:
       fs/ntfs: Fix an OOB read when reading data from the resident $DATA +
       attribute
     - CVE-2023-4693
   * SECURITY UPDATE: Crafted file system images can cause heap-based buffer
     overflow and may allow arbitrary code execution and secure boot bypass.
     - d/patches/ntfs-cve-fixes/fs-ntfs-Fix-an-OOB-write-when-parsing-the-
       ATTRIBUTE_LIST-.patch:
       fs/ntfs: Fix an OOB write when parsing the $ATTRIBUTE_LIST attribute for
       the $MFT file
     - d/patches/ntfs-cve-fixes/fs-ntfs-Make-code-more-readable.patch
       fs/ntfs: Make code more readable
     - CVE-2023-4692
 .
   [ Julian Andres Klode ]
   * Bump SBAT to grub,4
Checksums-Sha1:
 00cd7af388fb45e5ae5a81cfc729bef15863484f 6854 grub2_2.06-13+deb12u1.dsc
 86ff89731a0af97520a9329ea3a3652cf8cedde2 1115764 grub2_2.06-13+deb12u1.debian.tar.xz
 916c890be6ff432be3c92fff3af1e2235190b131 12866 grub2_2.06-13+deb12u1_source.buildinfo
Checksums-Sha256:
 03f224abef299fd769ef0800d5cf81d65dbf2d1071988638c2348c3792ddf10f 6854 grub2_2.06-13+deb12u1.dsc
 84e33fd5399c95410603e485a5b82b69d7f33e94c6146f3eb3bbe452894c8e6e 1115764 grub2_2.06-13+deb12u1.debian.tar.xz
 af26d828dbda1d6aa3bb84a41a93772d6725c7915f732bef0f8e9908632096e4 12866 grub2_2.06-13+deb12u1_source.buildinfo
Files:
 c74b87ae1521df3feb274863ed7b169a 6854 admin optional grub2_2.06-13+deb12u1.dsc
 05e83e408cbc7e01bdf1f006a0729f12 1115764 admin optional grub2_2.06-13+deb12u1.debian.tar.xz
 b549671d09c63937767fb4e7e88139e9 12866 admin optional grub2_2.06-13+deb12u1_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQJDBAEBCgAtFiEET7WIqEwt3nmnTHeHb6RY3R2wP3EFAmUa/GkPHGpha0BkZWJp
YW4ub3JnAAoJEG+kWN0dsD9xoTIP/R2pP4aTSCGJ57sEW2wqh+QrRB69CMfFuMbr
LrDDdHRXR2yxkAhKPwKOci80rEKR9cwd5HS/qYidLlc0IAvnVxjtoFatp+Mf8pRl
aDwrZuL4VDVYT3PboTVsRRLTJxbRiPSrr6HC4pn53Iy2rye2RvqKJQ3wEwoEP+d8
ME8l/QHMJ80ktzCSLtWQHGmkLMQWUzRIQrqW9s78tDtqfT0Lg5tL+DGfwd1GIp/H
c8JyPGMlVG6TbMOZna0crTdGjobNkYRvqR1mQwKwUiTcV4JpkqKcYsEHlHrbooV3
DeKIqrYxkZoG3amqX9MAuHsutQCMi3KKAmcVn/YTTJcEIpC4cxHcnKbuJL8nEYuO
XJUMvbf4JTaLeZivCVm1hCjprBei5Xmx8mWD99SrQbXc+yHIwOnlBbImhhEj6DAm
StbmIT+W7vZ8gCy4iwDFpqL6uDMKpeOWMxnvHCAhyH1yWVb2epoHoe8HaGmLx7pj
5JJM7AyTo52MjXDcuamhhRu8ZWnIyvJ/Kd1H6sIn4daE0nSJBsB7wTlKar3kz2wv
DzNl7eJ51EBikeKoySc78GNHznWc4RLJWLJ46s8lF3wIiWBS6gsKxJl+QgMo6WfJ
jJs7H4YQBVEzKpdqHLcwbPsRefvv+HMub1QHqNw8/YAb5g+lJi5HoRhYPjbWSIbP
DOKoQ/hC
=xvVe
-----END PGP SIGNATURE-----