From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from list by lists.gnu.org with archive (Exim 4.90_1) id 1k0sRK-0003Bc-Nn for mharc-grub-devel@gnu.org; Wed, 29 Jul 2020 16:12:38 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:58632) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1k0sRI-0003BU-Bh for grub-devel@gnu.org; Wed, 29 Jul 2020 16:12:36 -0400 Received: from mx.mylinuxtime.de ([195.201.174.144]:57822) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1k0sRF-0001aw-R1 for grub-devel@gnu.org; Wed, 29 Jul 2020 16:12:35 -0400 Received: from leda (unknown [IPv6:2001:470:7177:718:c846:3864:489c:52bb]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-256) server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by mx.mylinuxtime.de (Postfix) with ESMTPSA id B200C14113C; Wed, 29 Jul 2020 22:12:26 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=eworm.de; s=mail; t=1596053547; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=6M0VBEF7W0aJjYfo3vmkpHF97iJK8zIOtjTCigln87k=; b=sMwwy3TqAPYtYPCiv0yQbTjbLTdcL0e3a4FnAtvhJ21ROuXyaE5+lxjjtxdUxWNrpf1coK iw7HEN3lvnHg8LFtl8iEq4j+LCU8O4pbhLMekInTGOW74zBHaMMiRm1SsMKXd6ogVqJn/j amYt0l+U6AqXL9I/MtatRQcqLYxQV84= Date: Wed, 29 Jul 2020 22:12:17 +0200 From: Christian Hesse To: Daniel Kiper Cc: The development of GNU GRUB Subject: Re: [SECURITY PATCH 00/28] Multiple GRUB2 vulnerabilities - BootHole Message-ID: <20200729221217.6c441f97@leda> In-Reply-To: <20200729170041.14082-1-daniel.kiper@oracle.com> References: <20200729170041.14082-1-daniel.kiper@oracle.com> X-Mailer: Claws Mail 3.17.6 (GTK+ 2.24.32; x86_64-pc-linux-gnu) X-Face: %O:rCSkHSKf7^4uF|FD$9$I0}g$nbnS1{DYPvs#:,~e`).mzj\$P9]V!WCveE/XdbL,L!{)6v%x4\Bt!b#{; dS&h"7l=ow'^({02!2%XOugod|u*mYBVm-OS:VpZ"ZrRA4[Q&zye,^j; ftj!Hxx\1@; LM)Pz)|B%1#sfF; s; ,N?*K*^) Face: iVBORw0KGgoAAAANSUhEUgAAADAAAAAwBAMAAAClLOS0AAAAGFBMVEUZFRFENy6KVTKEd23CiGHeqofJvrX4+vdHgItOAAAACXBIWXMAAA3XAAAN1wFCKJt4AAACUklEQVQ4y2VUTZeqMAxNxXG2Io5uGd64L35unbF9ax0b3OLxgFs4PcLff0lBHeb1QIq5uelNCEJNq/TIFGyeC+iugH0WJr+B1MvzWASpuP4CYHOB0VfoDdddwA7OIFQIEHjXDiCtV5e9QX0WMu8AG0mB7g7WP4GqeqVdsi4vv/5kFBvaF/zD7zDquL4DxbrDGDyAsgNYOsJOYzth4Q9ZF6iLV+6TLAT1pi2kuvgAtZxSjoG8cL+8vIn251uoe1OOEWwbIPU04gHsmMsoxyyhYsD2FdIigF1yxaVbBuSOCAlCoX324I7wNMhrO1bhOLsRoA6DC6wQ5eQiSG5BiWQfM4gN+uItQTRDMaJUhVbGyKWCuaaUGSVFVKpl4PdoDn3yY8J+YxQxyhlHfoYOyPgyDcO+cSQK6Bvabjcy2nwRo3pxgA8jslnCuYw23ESOzHAPYwo4ITNQMaOO+RGPEGhSlPEZBh2jmBEjQ5cKbxmr0ruAe/WCriUxW76I8T3h7vqY5VR5wXLdERodg2rHEzdxxk5KpXTL4FwnarvndKM5/MWDY5CuBBdQ+3/0ivsUJHicuHd+Xh3jOdBL+FjSGq4SPCwco+orpWlERRTNo7BHCvbNXFVSIQMp+P5QsIL9upmr8kMTUOfxEHoanwzKRcNAe76WbjBwex/RkdHu48xT5YqP70DaMOhBcTHmAVDxLaBdle93oJy1QKFUh2GXT4am+YH/GGel1CeI98GdMXsytjCKIq/9cMrlgxFCROv+3/BU1fijNpcVD6DxE8VfLBaxUGr1D5usgDYdjwiPAAAAAElFTkSuQmCC MIME-Version: 1.0 Content-Type: multipart/signed; boundary="Sig_/1bU0X4=COdIfC3uay76=ZsA"; protocol="application/pgp-signature"; micalg=pgp-sha256 Authentication-Results: mx.mylinuxtime.de; auth=pass smtp.auth=mail@eworm.de smtp.mailfrom=list@eworm.de X-Rspamd-Server: mx X-Stat-Signature: esz5udb5wautawz7s16a1wcpyc7e9mf8 X-Rspamd-Queue-Id: B200C14113C X-Spamd-Result: default: False [-3.56 / 15.00]; ARC_NA(0.00)[]; FROM_HAS_DN(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; NEURAL_HAM_LONG(-3.15)[-1.049]; MIME_GOOD(-0.20)[multipart/signed,text/plain]; TO_DN_ALL(0.00)[]; DKIM_SIGNED(0.00)[]; RCPT_COUNT_TWO(0.00)[2]; NEURAL_HAM_SHORT(-0.71)[-0.711]; RCVD_COUNT_ZERO(0.00)[0]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+,1:+,2:~]; MID_RHS_NOT_FQDN(0.50)[]; ASN(0.00)[asn:6939, ipnet:2001:470::/32, country:US] Received-SPF: pass client-ip=195.201.174.144; envelope-from=list@eworm.de; helo=mx.mylinuxtime.de X-detected-operating-system: by eggs.gnu.org: First seen = 2020/07/29 16:12:29 X-ACL-Warn: Detected OS = Linux 2.2.x-3.x [generic] [fuzzy] X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: grub-devel@gnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: The development of GNU GRUB List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 29 Jul 2020 20:12:36 -0000 --Sig_/1bU0X4=COdIfC3uay76=ZsA Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: quoted-printable Daniel Kiper on Wed, 2020/07/29 19:00: > I am posting all the GRUB2 upstream patches which fixes all security bugs > found and reported up until now. Major Linux distros carry or will carry > soon one form or another of these patches. Now all the GRUB2 upstream > patches are in the GRUB2 git repository [5] too. This does not apply on top of grub 2.04. Will downstream maintainers have to do their cherry-picking on its own or will a maintenance branch on top of grub-2.04 (or what ever) be available? I would like to push updates to the Arch Linux repositories. Thanks! --=20 main(a){char*c=3D/* Schoene Gruesse */"B?IJj;MEH" "CX:;",b;for(a/* Best regards my address: */=3D0;b=3Dc[a+= +];) putchar(b-1/(/* Chris cc -ox -xc - && ./x */b/42*2-3)*42);} --Sig_/1bU0X4=COdIfC3uay76=ZsA Content-Type: application/pgp-signature Content-Description: OpenPGP digital signature -----BEGIN PGP SIGNATURE----- iQEzBAEBCAAdFiEEXHmveYAHrRp+prOviUUh18yA9HYFAl8h2CEACgkQiUUh18yA 9HYnRwf/YmlJakXx6sTWiAoueXke9kMuThASPLBT0QYuf5mCc3w2RiuX73BWoZZw Nrdo7H9TyFmoromk86Y2fpMQrh74CFZzG5/xjDI2Y9qf0f+JnQHYTcqZBciMnK3q c0GYjyfu9jGlsmxuVx7+NabZHctNT/KxqSHyVeIk/osPVIpn5SHpbPI8K43lGuV+ 9ABmZWPl8CGUNiT4RbSCLinwetveT6//cFF1y2w4coBLPE8bdbWbgFHo/nJAIsMV W8nwfEUQOBrQlnLzGLLVhwt0fO0TJB9DRumkFwdzTOEuwT5z7wS2z1P5L0Yd4riS xLDVI++KHZ7BLflijHnH3R728tO6jw== =mGO2 -----END PGP SIGNATURE----- --Sig_/1bU0X4=COdIfC3uay76=ZsA--