Re: [SECURITY PATCH 000/117] Multiple GRUB2 vulnerabilities - 2021/03/02 round

2021-03-22 Thread Daniel Kiper
On Thu, Mar 18, 2021 at 09:58:23AM +0100, Paul Menzel wrote: > Dear Darren, dear Darren, > > Am 02.03.21 um 19:00 schrieb Daniel Kiper: > > Thank you very much for finding and fixing all these issues, and > coordinating the publication. > > […] > > >

Re: [SECURITY PATCH 000/117] Multiple GRUB2 vulnerabilities - 2021/03/02 round

2021-03-18 Thread Paul Menzel
Dear Darren, dear Darren, Am 02.03.21 um 19:00 schrieb Daniel Kiper: Thank you very much for finding and fixing all these issues, and coordinating the publication. […] .../lib/gnulib-patches/fix-null-state-deref.patch | 12 + .../gnulib-patches/fix-regcomp-uninit-token.patch | 15 +

Re: [SECURITY PATCH 000/117] Multiple GRUB2 vulnerabilities - 2021/03/02 round

2021-03-09 Thread Daniel Kiper
On Tue, Mar 09, 2021 at 10:57:36AM -0500, Neal Gompa wrote: > On Tue, Mar 2, 2021 at 4:08 PM Daniel Kiper wrote: > > > > Hi Adrian, > > > > On Tue, Mar 02, 2021 at 08:37:14PM +0100, John Paul Adrian Glaubitz wrote: > > > Hi Daniel! > > > > > > On 3/2/21 7:00 PM, Daniel Kiper wrote: > > > > The

Re: [SECURITY PATCH 000/117] Multiple GRUB2 vulnerabilities - 2021/03/02 round

2021-03-09 Thread Neal Gompa
On Tue, Mar 2, 2021 at 4:08 PM Daniel Kiper wrote: > > Hi Adrian, > > On Tue, Mar 02, 2021 at 08:37:14PM +0100, John Paul Adrian Glaubitz wrote: > > Hi Daniel! > > > > On 3/2/21 7:00 PM, Daniel Kiper wrote: > > > The BootHole vulnerability [1][2] announced last year encouraged many > > > people

Re: [SECURITY PATCH 000/117] Multiple GRUB2 vulnerabilities - 2021/03/02 round

2021-03-02 Thread Daniel Kiper
Hi Adrian, On Tue, Mar 02, 2021 at 08:37:14PM +0100, John Paul Adrian Glaubitz wrote: > Hi Daniel! > > On 3/2/21 7:00 PM, Daniel Kiper wrote: > > The BootHole vulnerability [1][2] announced last year encouraged many > > people to > > take a closer look at the security of boot process in general

Re: [SECURITY PATCH 000/117] Multiple GRUB2 vulnerabilities - 2021/03/02 round

2021-03-02 Thread Bruce Dubbs
On 3/2/21 1:37 PM, John Paul Adrian Glaubitz wrote: Hi Daniel! On 3/2/21 7:00 PM, Daniel Kiper wrote: The BootHole vulnerability [1][2] announced last year encouraged many people to take a closer look at the security of boot process in general and the GRUB bootloader in particular. Due to

Re: [SECURITY PATCH 000/117] Multiple GRUB2 vulnerabilities - 2021/03/02 round

2021-03-02 Thread John Paul Adrian Glaubitz
Hi Daniel! On 3/2/21 7:00 PM, Daniel Kiper wrote: > The BootHole vulnerability [1][2] announced last year encouraged many people > to > take a closer look at the security of boot process in general and the GRUB > bootloader in particular. Due to that, during past few months we were getting >

[SECURITY PATCH 000/117] Multiple GRUB2 vulnerabilities - 2021/03/02 round

2021-03-02 Thread Daniel Kiper
Hi all, The BootHole vulnerability [1][2] announced last year encouraged many people to take a closer look at the security of boot process in general and the GRUB bootloader in particular. Due to that, during past few months we were getting reports of, and also discovering various security flaws