[Git][security-tracker-team/security-tracker][master] grub2 fixed in sid

Moritz Muehlenhoff (@jmm) Mon, 09 Feb 2026 05:42:36 -0800


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
5b57fa53 by Moritz Muehlenhoff at 2026-02-09T14:41:44+01:00
grub2 fixed in sid

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -32678,25 +32678,25 @@ CVE-2025-63225 (The Eurolab ELTS100_UBX device 
(firmware version ELTS100v1.UBX)
 CVE-2025-61713 (A Cleartext Storage of Sensitive Information in Memory 
vulnerability [ ...)
        NOT-FOR-US: Fortinet
 CVE-2025-61664 (A vulnerability in the GRUB2 bootloader has been identified in 
the nor ...)
-       - grub2 <unfixed> (bug #1120968)
+       - grub2 2.14-1 (bug #1120968)
        [trixie] - grub2 <no-dsa> (Minor issue)
        [bookworm] - grub2 <no-dsa> (Minor issue)
-       NOTE: 
https://gitweb.git.savannah.gnu.org/gitweb/?p=grub.git;a=commit;h=05d3698b8b03eccc49e53491bbd75dba15f40917
+       NOTE: 
https://gitweb.git.savannah.gnu.org/gitweb/?p=grub.git;a=commit;h=05d3698b8b03eccc49e53491bbd75dba15f40917
 (grub-2.14)
 CVE-2025-61663 (A vulnerability has been identified in the GRUB2 bootloader's 
normal c ...)
-       - grub2 <unfixed> (bug #1120968)
+       - grub2 2.14-1 (bug #1120968)
        [trixie] - grub2 <no-dsa> (Minor issue)
        [bookworm] - grub2 <no-dsa> (Minor issue)
-       NOTE: 
https://gitweb.git.savannah.gnu.org/gitweb/?p=grub.git;a=commit;h=05d3698b8b03eccc49e53491bbd75dba15f40917
+       NOTE: 
https://gitweb.git.savannah.gnu.org/gitweb/?p=grub.git;a=commit;h=05d3698b8b03eccc49e53491bbd75dba15f40917
 (grub-2.14)
 CVE-2025-61662 (A Use-After-Free vulnerability has been discovered in GRUB's 
gettext m ...)
-       - grub2 <unfixed> (bug #1120968)
+       - grub2 2.14-1 (bug #1120968)
        [trixie] - grub2 <no-dsa> (Minor issue)
        [bookworm] - grub2 <no-dsa> (Minor issue)
-       NOTE: 
https://gitweb.git.savannah.gnu.org/gitweb/?p=grub.git;a=commit;h=8ed78fd9f0852ab218cc1f991c38e5a229e43807
+       NOTE: 
https://gitweb.git.savannah.gnu.org/gitweb/?p=grub.git;a=commit;h=8ed78fd9f0852ab218cc1f991c38e5a229e43807
 (grub-2.14)
 CVE-2025-61661 (A vulnerability has been identified in the GRUB (Grand Unified 
Bootloa ...)
-       - grub2 <unfixed> (bug #1120968)
+       - grub2 2.14-1 (bug #1120968)
        [trixie] - grub2 <no-dsa> (Minor issue)
        [bookworm] - grub2 <no-dsa> (Minor issue)
-       NOTE: 
https://gitweb.git.savannah.gnu.org/gitweb/?p=grub.git;a=commit;h=549a9cc372fd0b96a4ccdfad0e12140476cc62a3
+       NOTE: 
https://gitweb.git.savannah.gnu.org/gitweb/?p=grub.git;a=commit;h=549a9cc372fd0b96a4ccdfad0e12140476cc62a3
 (grub-2.14)
 CVE-2025-60455 (Unsafe Deserialization vulnerability in Modular Max Serve 
before 25.6, ...)
        NOT-FOR-US: Modular Max Serve
 CVE-2025-59669 (A use of hard-coded credentials vulnerability in Fortinet 
FortiWeb 7.6 ...)
@@ -32748,15 +32748,15 @@ CVE-2025-54971 (An exposure of sensitive information 
to an unauthorized actor vu
 CVE-2025-54821 (An Improper Privilege Management vulnerability [CWE-269] 
vulnerability ...)
        NOT-FOR-US: Fortinet
 CVE-2025-54771 (A use-after-free vulnerability has been identified in the GNU 
GRUB (Gr ...)
-       - grub2 <unfixed> (bug #1120968)
+       - grub2 2.14-1 (bug #1120968)
        [trixie] - grub2 <no-dsa> (Minor issue)
        [bookworm] - grub2 <no-dsa> (Minor issue)
-       NOTE: 
https://gitweb.git.savannah.gnu.org/gitweb/?p=grub.git;a=commit;h=c4fb4cbc941981894a00ba8e75d634a41967a27f
+       NOTE: 
https://gitweb.git.savannah.gnu.org/gitweb/?p=grub.git;a=commit;h=c4fb4cbc941981894a00ba8e75d634a41967a27f
 (grub-2.14)
 CVE-2025-54770 (A vulnerability has been identified in the GRUB2 bootloader's 
network  ...)
-       - grub2 <unfixed> (bug #1120968)
+       - grub2 2.14-1 (bug #1120968)
        [trixie] - grub2 <no-dsa> (Minor issue)
        [bookworm] - grub2 <no-dsa> (Minor issue)
-       NOTE: 
https://gitweb.git.savannah.gnu.org/gitweb/?p=grub.git;a=commit;h=10e58a14db20e17d1b6a39abe38df01fef98e29d
+       NOTE: 
https://gitweb.git.savannah.gnu.org/gitweb/?p=grub.git;a=commit;h=10e58a14db20e17d1b6a39abe38df01fef98e29d
 (grub-2.14)
 CVE-2025-54660 (An active debug code vulnerability in Fortinet 
FortiClientWindows 7.4. ...)
        NOT-FOR-US: Fortinet
 CVE-2025-54321 (In Ascertia SigningHub through 8.6.8, there is a lack of rate 
limiting ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5b57fa536094f09758d4bd90035dd1ef66540b70

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5b57fa536094f09758d4bd90035dd1ef66540b70
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] grub2 fixed in sid

Reply via email to