Oracle Linux 6277 Published by

A grub2 security update has been released for Oracle Linux 7.



El-errata: ELSA-2021-0699 Moderate: Oracle Linux 7 grub2 security update


Oracle Linux Security Advisory ELSA-2021-0699

  http://linux.oracle.com/errata/ELSA-2021-0699.html

The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:

x86_64:
grub2-2.02-0.87.0.7.el7_9.2.x86_64.rpm
grub2-common-2.02-0.87.0.7.el7_9.2.noarch.rpm
grub2-efi-ia32-2.02-0.87.0.7.el7_9.2.x86_64.rpm
grub2-efi-ia32-cdboot-2.02-0.87.0.7.el7_9.2.x86_64.rpm
grub2-efi-ia32-modules-2.02-0.87.0.7.el7_9.2.noarch.rpm
grub2-efi-x64-2.02-0.87.0.7.el7_9.2.x86_64.rpm
grub2-efi-x64-cdboot-2.02-0.87.0.7.el7_9.2.x86_64.rpm
grub2-efi-x64-modules-2.02-0.87.0.7.el7_9.2.noarch.rpm
grub2-pc-2.02-0.87.0.7.el7_9.2.x86_64.rpm
grub2-pc-modules-2.02-0.87.0.7.el7_9.2.noarch.rpm
grub2-tools-2.02-0.87.0.7.el7_9.2.x86_64.rpm
grub2-tools-extra-2.02-0.87.0.7.el7_9.2.x86_64.rpm
grub2-tools-minimal-2.02-0.87.0.7.el7_9.2.x86_64.rpm

SRPMS:
  http://oss.oracle.com/ol7/SRPMS-updates/grub2-2.02-0.87.0.7.el7_9.2.src.rpm


Description of changes:

[2.02-0.87.0.7.e7.2]
- add SBAT metadata for Oracle Linux grub2
- Use similar format for menu entry in grub environment block
- config file. [Orabug: 32172943]
- Fix degradation in multiboot2 code [Orabug: 32069510]
- Update signing certificate for efi binaries
- Update upstream references [Orabug: 30138841]
- Restore symlink to grub environment file, that was removed during
grub2-efi update
if grub2 package is also installed on UEFI machines [Orabug: 27345750]
- fix symlink removal scriptlet, to be executed only on removal [Orabug:
19231481]
- Fix comparison in patch for [Orabug: 18504756]
- Remove symlink to grub environment file during uninstall on EFI
platforms [Orabug: 19231481]
- replace dynamic EFI boot folder path generation with predefined
'redhat' (Alex Burmashev)
- Put "with" in menuentry instead of "using" [Orabug: 18504756]
- Use different titles for UEK and RHCK kernels [Orabug: 18504756]

[2.02-0.87.e7.2]
- Fix another batch of CVEs
Resolves: CVE-2020-14372
Resolves: CVE-2020-25632
Resolves: CVE-2020-25647
Resolves: CVE-2020-27749
Resolves: CVE-2020-27779
Resolves: CVE-2021-20225
Resolves: CVE-2021-20233

[2.02-0.87.e7.1]
- Fix keyboards that report IBM PC AT scan codes
Resolves: rhbz#1892240