Package: grub2
Tags: security

Hi,

Although there are patches in `debian/patches/cve_2022_2601/`, they are not used by `debian/patches/series`. So the vulnerability is still not fixed in buster even its SBAT==3.

Bullseye seems OK. However, it seems debian's SBAT numbers should be bumped, so bullseye also needs an update.


Best Regards,
Zhang Boyang

Reply via email to