Hi Adrian, On Tue, Mar 02, 2021 at 08:37:14PM +0100, John Paul Adrian Glaubitz wrote: > Hi Daniel! > > On 3/2/21 7:00 PM, Daniel Kiper wrote: > > The BootHole vulnerability [1][2] announced last year encouraged many > > people to > > take a closer look at the security of boot process in general and the GRUB > > bootloader in particular. Due to that, during past few months we were > > getting > > reports of, and also discovering various security flaws in the GRUB > > ourselves. > > You can find the list of most severe ones which got CVEs assigned at the > > end of > > this message. The patch bundle fixing all these issues in the upstream GRUB > > contains 117 patches. > > Huge thanks and kudos to everyone involved fixing all these vulnerabilities! > > Given the amount of patches, wouldn't it make sense to push an RC candidate > for 2.06 in the near future so that distributions can start shipping the pre- > release and avoiding to carry this large amount of patches?
I am planning to cut 2.06-rc1 in matter of days... Daniel _______________________________________________ Grub-devel mailing list Grub-devel@gnu.org https://lists.gnu.org/mailman/listinfo/grub-devel
