This was fixed in debian sid already.
** Description changed:
+ [ Impact ]
+
+ * A large batch of secure boot CVEs in GRUB2 were fixed earlier this
+ year and recently un-embargoed earlier.
+
+ * This has an obvious impact on everyone relying on Secure Boot for any
+ purpose.
+
+ [ Test Plan
The attachment "0001-Do-not-increment-reference-count-when-insmod-is-
call.patch" seems to be a patch. If it isn't, please remove the "patch"
flag from the attachment, remove the "patch" tag, and if you are a
member of the ~ubuntu-reviewers, unsubscribe the team.
[This is an automated message per
Re-using this as a tracking bug for all the GRUB security updates
(because it is already in the changelog).
grub2 uploads should exist for series that runs 2.12, grub2-unsigned for
everything (both 2.06 and 2.12).
** Information type changed from Private Security to Public Security
** Also affec
