[CLSA-2023:1674816097] grub2: Fix of 2 CVEs
Type:
security
Severity:
Important
Release date:
2023-01-27
Description:
- font: Reject glyphs exceeds font->max_glyph_width or font->max_glyph height - font: Fix size overflow in grub_font_get_glyph_internal() - CVE-2022-2601: font: Fix several integer overflows in grub_font_construct_glyph() - CVE-2022-3775: font: Fix an integer underflow in blit_comb()
Updated packages:
  • grub2-common-2.02-106.el8.tuxcare.els3.noarch.rpm
    sha:ba89aa6924d9b09f66f137df3097dd4d827e0748
  • grub2-efi-ia32-2.02-106.el8.tuxcare.els3.x86_64.rpm
    sha:fcb977564e33fc38504259454b18c29366878719
  • grub2-efi-ia32-cdboot-2.02-106.el8.tuxcare.els3.x86_64.rpm
    sha:07416e4649a8709c93e1f5eb402727a2bec23f4c
  • grub2-efi-ia32-modules-2.02-106.el8.tuxcare.els3.noarch.rpm
    sha:6ae18ee9032ec843465a86ecd73c8638431bff8b
  • grub2-efi-x64-2.02-106.el8.tuxcare.els3.x86_64.rpm
    sha:fedcb82dfbcc64b7be3aaf19ecc47f4f09ceeb6c
  • grub2-efi-x64-cdboot-2.02-106.el8.tuxcare.els3.x86_64.rpm
    sha:7020eff330ac22c00cce472ea1e30c19d3dbfb89
  • grub2-efi-x64-modules-2.02-106.el8.tuxcare.els3.noarch.rpm
    sha:c23d8eef906298e83335ef35bd07c5e3a0f89695
  • grub2-pc-2.02-106.el8.tuxcare.els3.x86_64.rpm
    sha:2098fc0fcc3f8bb3b76948fdf66f650d03ad0a9c
  • grub2-pc-modules-2.02-106.el8.tuxcare.els3.noarch.rpm
    sha:59d78fb6db3f4abf384d1c663d3b921fcc24b3a2
  • grub2-tools-2.02-106.el8.tuxcare.els3.x86_64.rpm
    sha:4c6e58d1d5c673a1b453d4a9dc37fa4fc0774470
  • grub2-tools-efi-2.02-106.el8.tuxcare.els3.x86_64.rpm
    sha:c5b66115dc6a64fd32b1d289df5257ee65830823
  • grub2-tools-extra-2.02-106.el8.tuxcare.els3.x86_64.rpm
    sha:87bab358936d0aab62433915a3906a238f52c695
  • grub2-tools-minimal-2.02-106.el8.tuxcare.els3.x86_64.rpm
    sha:d88eec6af6fbce7f62d7805a65940efd00331d81
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.