-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Package: grub-pc Severity: critical Tags: security
Grub2 has a very critical security problem right now[0]. CVE-2015-8370 allows more or less full access to the system via boot manager. Nevertheless, not all of my systems are affected as I luckily still use grub1 on them. Unfortunately it affects right that systems that I carry with me and that might been left out of my view sometimes. [0] http://hmarco.org/bugs/CVE-2015-8370-Grub2-authentication-bypass.html - -- System Information: Debian Release: stretch/sid APT prefers unstable APT policy: (800, 'unstable'), (500, 'testing'), (110, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 4.2.6 (SMP w/8 CPU cores) Locale: LANG=de_DE, LC_CTYPE=de_DE (charmap=ISO-8859-1) Shell: /bin/sh linked to /bin/dash Init: sysvinit (via /sbin/init) - -- Klaus Ethgen http://www.ethgen.ch/ pub 4096R/4E20AF1C 2011-05-16 Klaus Ethgen <kl...@ethgen.ch> Fingerprint: 85D4 CA42 952C 949B 1753 62B3 79D0 B06F 4E20 AF1C -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQGcBAEBCgAGBQJWcSzKAAoJEKZ8CrGAGfasHAgL/j9EiipyJSwJXrXqeNBuCklg VhqmViG6KUBrnP3MICjqm8Cfa8wrk/2suQ+sgCE8gPhiceWJRgKf+BhoqiRq7Q40 eBxJBAWTF7YLH63fUesQFnYgJzVaH3jbGtMAtFdoHsB8YVTRWF+9vexBUybCtjsE oGOq0at5qTK72txBChszPuhpT5FslDmYf8eAc5sJxjmvxkHiG6De+BVaZDf/5XEx OwU4W7pPeLXCNmlAcOzeHWfJuPzOKx8hO+wclxrEoxm2BelzPuowBjMWumm57fI+ 4cmPntXVP9iFWHlpUHUlMFouTQ5E7jFJ7F103X/XEoxTS/RCMx96t+UxqaMVybut lIEIjV/4XAcqfWvcU1JV590EBJjtaMC6RIXZ6kgF1yLT1EXc+nBkvk5mpQ2TWIQh Zpkl4wjCUWmLTJI4NWzey+s/r6T/jrCxyv7q/ifHM+pZhox7Y1b4SulUzNGLXynu Im7fZcdwXrQibj2SELk/fzmX/HRfMJVYXPS/qxcaRg== =Zbut -----END PGP SIGNATURE-----
