[CLSA-2023:1674815966] grub2: Fix of 2 CVEs
Type:
security
Severity:
Important
Release date:
2023-01-27
Description:
- font: Reject glyphs exceeds font->max_glyph_width or font->max_glyph height - font: Fix size overflow in grub_font_get_glyph_internal() - CVE-2022-2601: font: Fix several integer overflows in grub_font_construct_glyph() - CVE-2022-3775: font: Fix an integer underflow in blit_comb()
Updated packages:
  • grub2-common-2.02-106.el8.tuxcare.els3.noarch.rpm
    sha:0d5742b5ae0a3f401e93bf246143c12e3e4180dc
  • grub2-efi-ia32-2.02-106.el8.tuxcare.els3.x86_64.rpm
    sha:90684cadb57a6023ef91fd3fc39438b42bf073c0
  • grub2-efi-ia32-cdboot-2.02-106.el8.tuxcare.els3.x86_64.rpm
    sha:900d45acb3eda09267a34ca9a45d749ca6261e45
  • grub2-efi-ia32-modules-2.02-106.el8.tuxcare.els3.noarch.rpm
    sha:d6519c17ff3e5d1a3c5b330ebbcda91ae05d5865
  • grub2-efi-x64-2.02-106.el8.tuxcare.els3.x86_64.rpm
    sha:6b71fe59d81a2d730ee94ebf1bdff2f7dba13ee9
  • grub2-efi-x64-cdboot-2.02-106.el8.tuxcare.els3.x86_64.rpm
    sha:25b05bd49e12cd13c74ee83dbfa7ff2301a53f22
  • grub2-efi-x64-modules-2.02-106.el8.tuxcare.els3.noarch.rpm
    sha:5c7f6b17c3c91b75ed45fc20d411af627f7e440f
  • grub2-pc-2.02-106.el8.tuxcare.els3.x86_64.rpm
    sha:64434085bf655dd0e40014e1d9a519deaa3f55df
  • grub2-pc-modules-2.02-106.el8.tuxcare.els3.noarch.rpm
    sha:31ad6c82b05f1015588dad419e95543250dc5236
  • grub2-tools-2.02-106.el8.tuxcare.els3.x86_64.rpm
    sha:0002500ac33ee5760912f75a64ff5830b15d5ca7
  • grub2-tools-efi-2.02-106.el8.tuxcare.els3.x86_64.rpm
    sha:dd67027d2604b81817c82c1f2777efada6f93d41
  • grub2-tools-extra-2.02-106.el8.tuxcare.els3.x86_64.rpm
    sha:6e75b0d5f9854b9c3d8a25538f9f9ec4c22719b7
  • grub2-tools-minimal-2.02-106.el8.tuxcare.els3.x86_64.rpm
    sha:49dda76f5867c1c4824e958442c0d98adce215c4
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.