Re: [SECURITY PATCH 49/73] fs: Disable many filesystems under lockdown

On 20/02/2025 at 17:43, Daniel Kiper wrote: > On Wed, Feb 19, 2025 at 09:15:50AM +0100, Petr Řehák wrote: >> >> why is there a lockdown for the NTFS file system, please? Is it vulnerable >> as well when no CVE exists for it? We are developers of computer-aided >> assistive technology for blind and

[PATCH v2 RESEND] util/grub.d/30_os-prober.in: Fix GRUB_OS_PROBER_SKIP_LIST for non-EFI

GRUB documentation states: ‘GRUB_OS_PROBER_SKIP_LIST’ List of space-separated FS UUIDs of filesystems to be ignored from os-prober output. For efi chainloaders it’s @ But the actual behaviour does not match this description. GRUB_OS_PROBER_SKIP_LIST="" does nothing. In order to skip non-E

Re: Arch Linux latest git snapshot has too many issues to be a new release base

Glenn Washburn on Fri, 2025/02/21 01:33: > > It failed for my co-maintainer in 2 cases: > > > > - loopback device seems to be broken > > > > - encrypted devices is not working anymore for him > > These two issues are news to me. Were these failed tests using the > latest security patch series

Re: [SECURITY PATCH 00/73] GRUB2 vulnerabilities - 2025/02/18

Daniel Kiper via Grub-devel on Tue, 2025/02/18 19:00: > I am posting all the GRUB2 upstream patches which fix all security bugs > found and reported up until now. Major Linux distros carry or will carry > soon one form or another of these patches. Now all the GRUB2 upstream > patches are in the GR

Re: Arch Linux latest git snapshot has too many issues to be a new release base

Michael Chang via Grub-devel on Fri, 2025/02/21 15:55: > > - encrypted devices is not working anymore for him > > I have no idea about this. Is there any error message that could help to > understand how it failed? Actually I can no longer reproduce. %-p Last time I had to recover quickly and

Re: Arch Linux latest git snapshot has too many issues to be a new release base

On Fri, Feb 21, 2025 at 10:01:11AM +0100, Christian Hesse wrote: > Michael Chang via Grub-devel on Fri, 2025/02/21 15:55: > > On Thu, Feb 20, 2025 at 12:27:12PM +0100, Tobias Powalowski via Grub-devel > > wrote: > > > It failed for my co-maintainer in 2 cases: > > > > > > - loopback device seems

Re: [PATCH] fs/ext2: Rework out-of-bounds read for inline and external extents

Michael Chang via Grub-devel on Fri, 2025/02/21 09:06: > Previously, the number of extent entries was not properly capped based > on the actual available space. This could lead to insufficient reads for > external extents, since the computation was based solely on the inline > extent layout. > >

Re: Arch Linux latest git snapshot has too many issues to be a new release base

Michael Chang via Grub-devel on Fri, 2025/02/21 15:55: > On Thu, Feb 20, 2025 at 12:27:12PM +0100, Tobias Powalowski via Grub-devel > wrote: > > It failed for my co-maintainer in 2 cases: > > > > - loopback device seems to be broken > > Is the loopback file placed on an ext2/3/4 file system?