You are here
Home > Preporuke > Sigurnosni nedostatak programskog paketa grub2

Sigurnosni nedostatak programskog paketa grub2

  • Detalji os-a: WN7
  • Važnost: IMP
  • Operativni sustavi: L
  • Kategorije: LFE

——————————————————————————–
Fedora Update Notification
FEDORA-2014-16378
2014-12-06 01:55:17
——————————————————————————–

Name : grub2
Product : Fedora 20
Version : 2.00
Release : 27.fc20
URL : http://www.gnu.org/software/grub/
Summary : Bootloader with support for Linux, Multiboot and more
Description :
The GRand Unified Bootloader (GRUB) is a highly configurable and customizable
bootloader with modular architecture. It support rich varietyof kernel formats,
file systems, computer architectures and hardware devices. This subpackage
provides support for PC BIOS systems.

——————————————————————————–
Update Information:

Security fix for CVE-2014-4607
——————————————————————————–
ChangeLog:

* Fri Dec 5 2014 Peter Jones <pjones@redhat.com> – 2.00-27
– Update minilzo to 2.08 for CVE-2014-4607
Resolves: rhbz#1131793
* Mon Jun 23 2014 Adam Williamson <awilliam@redhat.com> – 2.00-26
– Don’t require password to boot normally – #840204
——————————————————————————–
References:

[ 1 ] Bug #1112418 – CVE-2014-4607 lzo: lzo1x_decompress_safe() integer overflow
https://bugzilla.redhat.com/show_bug.cgi?id=1112418
——————————————————————————–

This update can be installed with the “yum” update program. Use
su -c ‘yum update grub2’ at the command line.
For more information, refer to “Managing Software with yum”,
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce

——————————————————————————–
Fedora Update Notification
FEDORA-2014-16403
2014-12-06 09:19:01
——————————————————————————–

Name : grub2
Product : Fedora 21
Version : 2.02
Release : 0.13.fc21
URL : http://www.gnu.org/software/grub/
Summary : Bootloader with support for Linux, Multiboot and more
Description :
The GRand Unified Bootloader (GRUB) is a highly configurable and customizable
bootloader with modular architecture. It support rich varietyof kernel formats,
file systems, computer architectures and hardware devices. This subpackage
provides support for PC BIOS systems.

——————————————————————————–
Update Information:

Security fix for CVE-2014-4607
——————————————————————————–
ChangeLog:

* Thu Dec 4 2014 Peter Jones <pjones@redhat.com> – 2.02-0.13
– Update minilzo to 2.08 for CVE-2014-4607
Resolves: rhbz#1131793
* Thu Nov 13 2014 Peter Jones <pjones@redhat.com> – 2.02-0.12
– Make backtrace and usb conditional on !arm
– Make sure gcdaa64.efi is packaged.
Resolves: rhbz#1163481
——————————————————————————–
References:

[ 1 ] Bug #1112418 – CVE-2014-4607 lzo: lzo1x_decompress_safe() integer overflow
https://bugzilla.redhat.com/show_bug.cgi?id=1112418
——————————————————————————–

This update can be installed with the “yum” update program. Use
su -c ‘yum update grub2’ at the command line.
For more information, refer to “Managing Software with yum”,
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce

 

 

 

——————————————————————————–
Fedora Update Notification
FEDORA-2014-16452
2014-12-07 02:59:06
——————————————————————————–

Name : grub2
Product : Fedora 19
Version : 2.00
Release : 27.fc19
URL : http://www.gnu.org/software/grub/
Summary : Bootloader with support for Linux, Multiboot and more
Description :
The GRand Unified Bootloader (GRUB) is a highly configurable and customizable
bootloader with modular architecture. It support rich varietyof kernel formats,
file systems, computer architectures and hardware devices. This subpackage
provides support for PC BIOS systems.

——————————————————————————–
Update Information:

Security fix for CVE-2014-4607
——————————————————————————–
ChangeLog:

* Fri Dec 5 2014 Peter Jones <pjones@redhat.com> – 2.00-27
– Update minilzo to 2.08 for CVE-2014-4607
Resolves: rhbz#1131793
* Mon Jun 23 2014 Adam Williamson <awilliam@redhat.com> – 2.00-26
– Don’t require password to boot normally – #840204
* Sat Aug 10 2013 Peter Jones <pjones@redhat.com> – 2.00-25
– Last build failed because of a hardware error on the builder.
* Mon Aug 5 2013 Peter Jones <pjones@redhat.com> – 2.00-24
– Fix compiler flags to deal with -fstack-protector-strong
* Sat Aug 3 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> – 1:2.00-24
– Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
* Tue Jul 2 2013 Dennis Gilmore <dennis@ausil.us> – 2.00-23
– add epoch to obsoletes
——————————————————————————–
References:

[ 1 ] Bug #1112418 – CVE-2014-4607 lzo: lzo1x_decompress_safe() integer overflow
https://bugzilla.redhat.com/show_bug.cgi?id=1112418
——————————————————————————–

This update can be installed with the “yum” update program. Use
su -c ‘yum update grub2’ at the command line.
For more information, refer to “Managing Software with yum”,
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce

 

AutorMarko Stanec
Cert idNCERT-REF-2014-12-0032-ADV
CveCERT-CVE-DUMMY
ID izvornikaCERT-ORIGID-DUMMY
ProizvodCERT-DUMMY-PRODUCT
Izvorhttp://www.adobe.com/
Top
More in Preporuke
Sigurnosni nedostatak programskog paketa antiword

Otkriven je sigurnosni nedostatak u programskom paketu antiword za operacijski sustav Fedora 21. Otkriveni nedostatak je posljedica preljeva spremnika u...

Close