Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Step:15-SP1
patchinfo.24428
_patchinfo
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _patchinfo of Package patchinfo.24428
<patchinfo incident="24428"> <issue tracker="bnc" id="1191185">VUL-0: EMBARGOED: CVE-2021-3696: grub2: Crafted PNG image may lead to out-of-bound write during huffman table handling</issue> <issue tracker="bnc" id="1193282">grub2 sbat security contact</issue> <issue tracker="bnc" id="1198581">VUL-0: EMBARGOED: grub2: trackerbug for boothole 3 / boothole 2022</issue> <issue tracker="bnc" id="1198496">VUL-0: EMBARGOED: CVE-2022-28736: grub2: fixed a use-after-free in chainloader command</issue> <issue tracker="bnc" id="1198493">VUL-0: EMBARGOED: CVE-2022-28734: grub2: net/http: Fix OOB write for split http headers</issue> <issue tracker="bnc" id="1191186">VUL-0: EMBARGOED: CVE-2021-3697: grub2: Crafted JPEG image can lead to buffer underflow write in the heap</issue> <issue tracker="bnc" id="1191184">VUL-0: EMBARGOED: CVE-2021-3695: grub2: Crafted PNG grayscale images may lead to out-of-bounds write in heap</issue> <issue tracker="bnc" id="1198460">VUL-0: EMBARGOED: CVE-2022-28733: grub2: net/ip: do ip fragment maths safely</issue> <issue tracker="cve" id="2021-3696"/> <issue tracker="cve" id="2021-3697"/> <issue tracker="cve" id="2022-28733"/> <issue tracker="cve" id="2022-28736"/> <issue tracker="cve" id="2021-3695"/> <issue tracker="cve" id="2022-28734"/> <packager>michael-chang</packager> <rating>important</rating> <category>security</category> <summary>Security update for grub2</summary> <description>This update for grub2 fixes the following issues: Security fixes and hardenings for boothole 3 / boothole 2022 (bsc#1198581) - CVE-2021-3695: Fixed that a crafted PNG grayscale image could lead to out-of-bounds write in heap (bsc#1191184) - CVE-2021-3696: Fixed that a crafted PNG image could lead to out-of-bound write during huffman table handling (bsc#1191185) - CVE-2021-3697: Fixed that a crafted JPEG image could lead to buffer underflow write in the heap (bsc#1191186) - CVE-2022-28733: Fixed fragmentation math in net/ip (bsc#1198460) - CVE-2022-28734: Fixed an out-of-bound write for split http headers (bsc#1198493) - CVE-2022-28736: Fixed a use-after-free in chainloader command (bsc#1198496) - Update SBAT security contact (bsc#1193282) - Bump grub's SBAT generation to 2 </description> </patchinfo>
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor