Reassigning to the package building the input for the signed binaries, unsigned binaries obviously don't get security patches as there is no security in the first place.
** Package changed: grub2 (Ubuntu) => grub2-unsigned (Ubuntu) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2077201 Title: grub2 vendors libzstd 1.3.6 which has some CVEs To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/grub2-unsigned/+bug/2077201/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
