A grub2 security update has been released for Oracle Linux 9.

El-errata: ELSA-2023-12019 Important: Oracle Linux 9 grub2 security update

Oracle Linux Security Advisory ELSA-2023-12019

  http://linux.oracle.com/errata/ELSA-2023-12019.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
grub2-common-2.06-46.0.4.el9.noarch.rpm
grub2-efi-aa64-modules-2.06-46.0.4.el9.noarch.rpm
grub2-efi-x64-2.06-46.0.4.el9.x86_64.rpm
grub2-efi-x64-cdboot-2.06-46.0.4.el9.x86_64.rpm
grub2-efi-x64-modules-2.06-46.0.4.el9.noarch.rpm
grub2-pc-2.06-46.0.4.el9.x86_64.rpm
grub2-pc-modules-2.06-46.0.4.el9.noarch.rpm
grub2-tools-2.06-46.0.4.el9.x86_64.rpm
grub2-tools-efi-2.06-46.0.4.el9.x86_64.rpm
grub2-tools-extra-2.06-46.0.4.el9.x86_64.rpm
grub2-tools-minimal-2.06-46.0.4.el9.x86_64.rpm

aarch64:
grub2-common-2.06-46.0.4.el9.noarch.rpm
grub2-efi-aa64-2.06-46.0.4.el9.aarch64.rpm
grub2-efi-aa64-cdboot-2.06-46.0.4.el9.aarch64.rpm
grub2-efi-aa64-modules-2.06-46.0.4.el9.noarch.rpm
grub2-efi-x64-modules-2.06-46.0.4.el9.noarch.rpm
grub2-tools-2.06-46.0.4.el9.aarch64.rpm
grub2-tools-extra-2.06-46.0.4.el9.aarch64.rpm
grub2-tools-minimal-2.06-46.0.4.el9.aarch64.rpm

SRPMS:
  http://oss.oracle.com/ol9/SRPMS-updates/grub2-2.06-46.0.4.el9.src.rpm

Related CVEs:

CVE-2022-2601
CVE-2022-3775



Description of changes:

[2.06-46.0.4]
- Bump SBAT metadata for grub to 3 [Orabug: 34872719]

[2.06-46.0.3]
- Fix CVE-2022-2601 and CVE-2022-3775 [Orabug: 34871953]
- Enable signing for aarch64 EFI

_______________________________________________