grub2 security update

2.02-0.87.0.29.el7.14 - Unregister gettext command on module unload CVE-2025-61662Orabug: 39112125 2.02-0.87.0.27.el7.14 - Fix OOB write in grubnetsearchconfigfile CVE-2025-0624 Orabug: 37770226 - Also adds implementation of grubstrlcpy for clean backport 2.02-0.87.0.26.el7.14 - Replace...

grub2 security update

2.02-156.0.1 - Restore correct SBAT entries - Replaced bugzilla.oracle.com references Orabug: 35475894 - efinet: Close and reopen card on failure Orabug: 35126950 - Fix CVE-2022-3775 Orabug: 34867710 - Bump SBAT metadata for grub to 3 Orabug: 34871758 - Enable signing on aarch64 - Don't try to...

SUSE CVE-2015-5281

The grub2 package before 2.02-0.29 in Red Hat Enterprise Linux RHEL 7, when used on UEFI systems, allows local users to bypass intended Secure Boot restrictions and execute non-verified code via a crafted 1 multiboot or 2 multiboot2 module in the configuration file or physically proximate attacke...

grub2 security update

2.02-0.87.0.26.el79.9 - Enable common subpackage for aarch64 - Do not sign aarch64 efi binaries Orabug: 32670043 - Remove aarch64 deps on shim Orabug: 32670043 - Restore versioned certificate provide for aarch64 package to satisfy shim Orabug: 32670043 2.02-0.87.0.24.el79.9 - Replace...

grub2 security update

2.02-123.0.7.el86.8 - Enable back btrfs module by default Orabug: 34377188 2.02-123.0.6.el86.8 - Backport upstream SNP protocol fixes Orabug: 34195100 2.02-123.0.5.el86.8 - Rebase Fix EFI loader kernel image allocation patch, adapt it to new NX code Orabug: 34352232 2.02-123.0.4.el86.8 - enable...

grub2, mokutil, shim, and shim-unsigned-x64 security update

2.02-123.0.4.el86.8 - enable multiboot2 Orabug: 34285558 - backport arm64: Fix EFI loader kernel image allocation Orabug: 33702462 - backport Arm: check for the PE magic for the compiled arch Orabug: 33702462 - Backport some better script logic for BTRFS support Orabug: 32448171 - Do not add shim...

grub2 security update

2.02-0.87.0.8.e7.2 - Enable common subpackage for aarch64 - Disable RHEL patch 0183-efinet-retransmit-if-our-device-is-busy.patch to comply with UEFI spec - add SBAT metadata for Oracle Linux grub2 - Use similar format for menu entry in grub environment block - config file. Orabug: 32172943 - Fix...

grub2 security update

2.02-0.87.0.7 - Fix CVE-2020-14372 CVE-2020-25632 CVE-2020-25647 CVE-2020-27749 CVE-2020-27779 CVE-2021-20225 CVE-2021-20233 Orabug: 32530657 - Fix various coverity issues Orabug: 32530657 - Add SBAT metadata to grubx64.efi Orabug: 32530657 2.02-0.87.0.5 - Use similar format for menu entry in gru...

CVE-2015-5281

The grub2 package before 2.02-0.29 in Red Hat Enterprise Linux RHEL 7, when used on UEFI systems, allows local users to bypass intended Secure Boot restrictions and execute non-verified code via a crafted 1 multiboot or 2 multiboot2 module in the configuration file or physically proximate attacke...

CVE-2015-5281

CVE-2015-5281 affects GRUB2 on EFI systems (notably grub2 in RHEL7) where modules deemed unsuitable for Secure Boot could be loaded, allowing a local attacker to bypass Secure Boot and execute non-verified code via crafted multiboot/multiboot2 modules or boot menu entries. The issue arises from l...