Emilio Pozuelo Monfort pushed to branch master at Debian Security Tracker / security-tracker


Commits:
cbc28b71 by Emilio Pozuelo Monfort at 2020-07-29T19:37:18+02:00
Ignore BootHole and friends in stretch

There's no SecureBoot support in stretch (no signed shim, grub or
kernel) so if an attacker can modify grub.cfg, they may as well
point it to a malicious (unsigned) kernel.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -921,10 +921,12 @@ CVE-2020-15708
 CVE-2020-15707
        RESERVED
        - grub2 2.04-9
+       [stretch] - grub2 <ignored> (No SecureBoot support in stretch)
        NOTE: https://www.openwall.com/lists/oss-security/2020/07/29/3
 CVE-2020-15706
        RESERVED
        - grub2 2.04-9
+       [stretch] - grub2 <ignored> (No SecureBoot support in stretch)
        NOTE: https://www.openwall.com/lists/oss-security/2020/07/29/3
 CVE-2020-15705
        RESERVED
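Review bot: CVE-2020-15705 at the end of this hunk is visible only up to its RESERVED line, so it cannot be seen here whether it carries a grub2 entry. If it does, it should get the same `[stretch] - grub2 <ignored>` line as CVE-2020-15707 and CVE-2020-15706, or a different state with its own reason, so that the whole batch referenced by the oss-security post is handled consistently for stretch.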
@@ -4417,18 +4419,22 @@ CVE-2020-14312
 CVE-2020-14311
        RESERVED
        - grub2 2.04-9
+       [stretch] - grub2 <ignored> (No SecureBoot support in stretch)
        NOTE: https://www.openwall.com/lists/oss-security/2020/07/29/3
 CVE-2020-14310
        RESERVED
        - grub2 2.04-9
+       [stretch] - grub2 <ignored> (No SecureBoot support in stretch)
        NOTE: https://www.openwall.com/lists/oss-security/2020/07/29/3
 CVE-2020-14309
        RESERVED
        - grub2 2.04-9
+       [stretch] - grub2 <ignored> (No SecureBoot support in stretch)
        NOTE: https://www.openwall.com/lists/oss-security/2020/07/29/3
 CVE-2020-14308
        RESERVED
        - grub2 2.04-9
+       [stretch] - grub2 <ignored> (No SecureBoot support in stretch)
        NOTE: https://www.openwall.com/lists/oss-security/2020/07/29/3
 CVE-2020-14307 (A vulnerability was found in Wildfly's Enterprise Java Beans 
(EJB) ver ...)
        - wildfly <itp> (bug #752018)
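Review bot: the four additions for CVE-2020-14311 through CVE-2020-14308 reuse a single justification, and the commit message argues it only for the case where an attacker can modify grub.cfg. It would help to confirm per CVE that the issue matters only as a Secure Boot bypass, and to record that in a NOTE line where it does not follow directly from the linked oss-security post, since `<ignored>` leaves the vulnerable code unfixed in stretch.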
@@ -15024,6 +15030,7 @@ CVE-2020-10714
 CVE-2020-10713
        RESERVED
        - grub2 2.04-9
+       [stretch] - grub2 <ignored> (No SecureBoot support in stretch)
        NOTE: https://www.eclypsium.com/2020/07/29/theres-a-hole-in-the-boot/
        NOTE: https://www.openwall.com/lists/oss-security/2020/07/29/3
 CVE-2020-10712 (A flaw was found in OpenShift Container Platform version 4.1 
and later ...)
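Review bot: the reason string on the added CVE-2020-10713 line, "No SecureBoot support in stretch", drops the detail the commit message gives (no signed shim, grub or kernel in stretch). Consider adding a NOTE line under the entry that records it, so that someone reading data/CVE/list without the commit log can see why the release is treated as out of scope for a Secure Boot bypass.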



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cbc28b710f35551896bd91a571122c63d15591fa
