This bug was fixed in the package grub2-unsigned - 2.12~rc1-4ubuntu1
--------------- grub2-unsigned (2.12~rc1-4ubuntu1) mantic; urgency=medium
* Merge from Debian unstable (LP: #2028947); remaining changes: - Add Ubuntu sbat data - build-efi-images: do not produce -installer.efi.signed. LP: 1863994 - grub-common: Install canonical-uefi-ca.crt - Check signatures - Support installing to multiple ESP (LP: 1871821) - Disable various bits on i386 - Split out unsigned artefacts into grub2-unsigned - Vcs-Git: Point to ubuntu packaging branch - Relax dependencies on grub-common and grub2-common - grub-pc: Avoid the possibility of breaking grub on SRU update due to ABI change - UBUNTU: Default timeout changes - Revert "Add jfs module to signed UEFI images. Closes: #950959" - Revert "Add f2fs module to signed UEFI images" - Install grub-initrd-fallback.service again - Build using -O1 on s390x to avoid misoptimization - grub-check-signatures: Support gzip compressed kernels (LP: #1954683) - grub-multi-install: Reset partition type between partitions (LP: #1997795) - Drop i386 from grub-efi-amd64* (LP: #2020907) - Turn depends on grub-efi-amd64/arm64 unversioned - forward port fix for LP: #1926748 - Make the grub2/no_efi_extra_removable setting work correctly - Forward port the fix for LP: #1930742 and make it conditional (xenial/bionic only) - Build grub2-unsigned packages with xz compression - Replaced patches: - installe-signed.patched - grub-install-extra-removable.patch - grub-install-removable-shim.patch - Added patches: + rhboot-f34-dont-use-int-for-efi-status.patch + rhboot-f34-make-exit-take-a-return-code.patch + suse-grub.texi-add-net_bootp6-document.patch + ubuntu-add-devicetree-command-support.patch + ubuntu-add-initrd-less-boot-fallback.patch + ubuntu-add-initrd-less-boot-messages.patch + ubuntu-boot-from-multipath-dependent-symlink.patch + ubuntu-dont-verify-loopback-images.patch + ubuntu-fix-lzma-decompressor-objcopy.patch + ubuntu-grub-install-extra-removable.patch + ubuntu-install-signed.patch + ubuntu-mkconfig-leave-breadcrumbs.patch + ubuntu-os-prober-auto.patch + ubuntu-recovery-dis_ucode_ldr.patch + ubuntu-resilient-boot-boot-order.patch + ubuntu-resilient-boot-ignore-alternative-esps.patch + ubuntu-shorter-version-info.patch + ubuntu-speed-zsys-history.patch + ubuntu-support-initrd-less-boot.patch + ubuntu-verifiers-last.patch + ubuntu-zfs-enhance-support.patch + ubuntu-zfs-gfxpayload-dynamic.patch + ubuntu-zfs-gfxpayload-keep-default.patch + ubuntu-zfs-insmod-xzio-and-lzopio-on-xen.patch + ubuntu-zfs-mkconfig-recovery-title.patch + ubuntu-zfs-mkconfig-signed-kernel.patch + ubuntu-zfs-mkconfig-ubuntu-distributor.patch + ubuntu-zfs-mkconfig-ubuntu-recovery.patch + ubuntu-zfs-vt-handoff.patch * Dropped Ubuntu changes: - All the rhboot loader patches - Temporarily, support for GRUB_FLAVOUR_ORDER - RISC-V patches, applied upstream: + efi-add-definition-of-LoadFile2-protocol.patch + efi-correct-struct-grub_efi_boot_services.patch + efi-implemented-LoadFile2-initrd-loading-protocol-fo.patch + efi-implement-grub_efi_run_image.patch + RISC-V-Update-image-header.patch + RISC-V-Use-common-linux-loader.patch + riscv-adjust-march-flags-for-binutils-2.38.patch + upstream/riscv-handle-r-riscv-call-plt-reloc.patch + loader-drop-argv-argument-in-grub_initrd_load.patch + loader-Move-arm64-linux-loader-to-common-code.patch - Networking patches (rebasing still WIP): + cherrypick-efi-grub_efi_close_protocol.patch + cherrypick-efinet-correct-closing-snp-protocol.patch + efinet-uefi-ipv6-pxe-support.patch + suse-add-support-for-UEFI-network-protocols.patch + suse-AUDIT-0-http-boot-tracker-bug.patch - Red Hat boot loader, replaced by upstream: + linuxefi-do-not-validate-kernels-twice.patch + linuxefi-Invalidate-i-cache-before-starting-the-kern.patch + rhboot-bounce-buffers.patch + rhboot-efi-allocate-in-kernel-bounds.patch + rhboot-efi-allocate-kernel-as-code-for-real.patch + rhboot-efi-allocate-kernel-as-code.patch + rhboot-efi-enumerated-array-for-allocation-choice.patch + rhboot-efi-fix-incorrect-array-size.patch + rhboot-efi-initrd-above-4gb.patch + rhboot-efi-kernel-allocator.patch + rhboot-efi-rearrange-grub-cmd-linux.patch + rhboot-efi-split-allocation-policy.patch + rhboot-f34-efinet-also-use-the-firmware-acceleration-for-http.patch + rhboot-f34-make-pmtimer-tsc-calibration-fast.patch + rhboot-try-to-pick-better-locations-for-kernel-and-initrd.patch + ubuntu-linuxefi-arm64.patch + ubuntu-linuxefi-arm64-set-base-addr.patch + ubuntu-linuxefi.patch + ubuntu-rhboot-cast-fixups.patch + ubuntu-efi-allow-loopmount-chainload.patch + ubuntu-efi-loader-code.patch - Security patches, applied upstream: + {0076...0161} security patches, applied upstream + font-*.patchi - security patches applied upstream + commands-efi-tpm-Use-grub_strcpy-instead-of-grub_memcpy.patch + fbutil-Fix-integer-overflow.patch + kern-efi-sb-Enforce-verification-of-font-files.patch + normal-charset-Fix-an-integer-overflow-in-grub_unicode_ag.patch - Misc patches, merged in Debian: + efi-EFI-Device-Tree-Fixup-Protocol.patch + efivar-check-that-efivarfs-is-writeable.patch + fat-fix-listing-the-root-directory.patch + fdt-add-debug-output-to-devicetree-command.patch + zstd-require-8-byte-buffer.patch + 0241-Call-hwmatch-only-on-the-grub-pc-platform.patch - Misc patches applied upstream: + 2.12-mm/* - applied upstream + ubuntu-fuse3.patch + xfs-fix-v4-superblock.patch + tpm-unknown-error-non-fatal.patch + commands-efi-tpm-Refine-the-status-of-log-event.patch + efi-tpm-Add-EFI_CC_MEASUREMENT_PROTOCOL-support.patch + linux_xen-Properly-load-multiple-initrd-files.patch + linux_xen-Properly-order-multiple-initrd-files.patch + linux-ignore-FDT-unless-we-need-to-modify-it.patch + mkrescue-efi-modules.patch + tests-ahci-update-qemu-device-name.patch - No longer relevant: + ubuntu-disable-LOAD-FILE2-protocol-for-initrd-on-ARM.patch + ubuntu-temp-keep-auto-nvram.patch: was temporary in 2019 lol + ubuntu-skip-disk-by-id-lvm-pvm-uuid-entries.patch + no-devicetree-if-secure-boot.patch + no-insmod-on-sb.patch - To be rewritten later in this cycle: + ubuntu-flavour-order.patch - Coalesced into some other patches: + ubuntu-zfs-maybe-quiet.patch + ubuntu-zfs-quick-boot.patch * Source package generated from src:grub2 using make -f ./debian/rules generate-grub2-unsigned
-- Julian Andres Klode <email address hidden> Fri, 28 Jul 2023 15:34:32 +0200
This bug was fixed in the package grub2-unsigned - 2.12~rc1-4ubuntu1
---------------
grub2-unsigned (2.12~rc1-4ubuntu1) mantic; urgency=medium
* Merge from Debian unstable (LP: #2028947); remaining changes: efi.signed. LP: 1863994 uefi-ca. crt fallback. service again signatures: Support gzip compressed kernels (LP: #1954683) amd64/arm64 unversioned efi_extra_ removable setting work correctly signed. patched extra-removable .patch removable- shim.patch f34-dont- use-int- for-efi- status. patch f34-make- exit-take- a-return- code.patch texi-add- net_bootp6- document. patch add-devicetree- command- support. patch add-initrd- less-boot- fallback. patch add-initrd- less-boot- messages. patch boot-from- multipath- dependent- symlink. patch dont-verify- loopback- images. patch fix-lzma- decompressor- objcopy. patch grub-install- extra-removable .patch install- signed. patch mkconfig- leave-breadcrum bs.patch os-prober- auto.patch recovery- dis_ucode_ ldr.patch resilient- boot-boot- order.patch resilient- boot-ignore- alternative- esps.patch shorter- version- info.patch speed-zsys- history. patch support- initrd- less-boot. patch verifiers- last.patch zfs-enhance- support. patch zfs-gfxpayload- dynamic. patch zfs-gfxpayload- keep-default. patch zfs-insmod- xzio-and- lzopio- on-xen. patch zfs-mkconfig- recovery- title.patch zfs-mkconfig- signed- kernel. patch zfs-mkconfig- ubuntu- distributor. patch zfs-mkconfig- ubuntu- recovery. patch zfs-vt- handoff. patch definition- of-LoadFile2- protocol. patch struct- grub_efi_ boot_services. patch -LoadFile2- initrd- loading- protocol- fo.patch grub_efi_ run_image. patch Update- image-header. patch Use-common- linux-loader. patch march-flags- for-binutils- 2.38.patch riscv-handle- r-riscv- call-plt- reloc.patch drop-argv- argument- in-grub_ initrd_ load.patch Move-arm64- linux-loader- to-common- code.patch efi-grub_ efi_close_ protocol. patch efinet- correct- closing- snp-protocol. patch uefi-ipv6- pxe-support. patch support- for-UEFI- network- protocols. patch 0-http- boot-tracker- bug.patch do-not- validate- kernels- twice.patch Invalidate- i-cache- before- starting- the-kern. patch bounce- buffers. patch efi-allocate- in-kernel- bounds. patch efi-allocate- kernel- as-code- for-real. patch efi-allocate- kernel- as-code. patch efi-enumerated- array-for- allocation- choice. patch efi-fix- incorrect- array-size. patch efi-initrd- above-4gb. patch efi-kernel- allocator. patch efi-rearrange- grub-cmd- linux.patch efi-split- allocation- policy. patch f34-efinet- also-use- the-firmware- acceleration- for-http. patch f34-make- pmtimer- tsc-calibration -fast.patch try-to- pick-better- locations- for-kernel- and-initrd. patch linuxefi- arm64.patch linuxefi- arm64-set- base-addr. patch linuxefi. patch rhboot- cast-fixups. patch efi-allow- loopmount- chainload. patch efi-loader- code.patch efi-tpm- Use-grub_ strcpy- instead- of-grub_ memcpy. patch Fix-integer- overflow. patch sb-Enforce- verification- of-font- files.patch charset- Fix-an- integer- overflow- in-grub_ unicode_ ag.patch Device- Tree-Fixup- Protocol. patch check-that- efivarfs- is-writeable. patch listing- the-root- directory. patch debug-output- to-devicetree- command. patch 8-byte- buffer. patch hwmatch- only-on- the-grub- pc-platform. patch v4-superblock. patch error-non- fatal.patch efi-tpm- Refine- the-status- of-log- event.patch Add-EFI_ CC_MEASUREMENT_ PROTOCOL- support. patch Properly- load-multiple- initrd- files.patch Properly- order-multiple- initrd- files.patch FDT-unless- we-need- to-modify- it.patch efi-modules. patch update- qemu-device- name.patch disable- LOAD-FILE2- protocol- for-initrd- on-ARM. patch temp-keep- auto-nvram. patch: was temporary in 2019 lol skip-disk- by-id-lvm- pvm-uuid- entries. patch if-secure- boot.patch on-sb.patch flavour- order.patch zfs-maybe- quiet.patch zfs-quick- boot.patch grub2-unsigned
- Add Ubuntu sbat data
- build-efi-images: do not produce -installer.
- grub-common: Install canonical-
- Check signatures
- Support installing to multiple ESP (LP: 1871821)
- Disable various bits on i386
- Split out unsigned artefacts into grub2-unsigned
- Vcs-Git: Point to ubuntu packaging branch
- Relax dependencies on grub-common and grub2-common
- grub-pc: Avoid the possibility of breaking grub on SRU update due
to ABI change
- UBUNTU: Default timeout changes
- Revert "Add jfs module to signed UEFI images. Closes: #950959"
- Revert "Add f2fs module to signed UEFI images"
- Install grub-initrd-
- Build using -O1 on s390x to avoid misoptimization
- grub-check-
- grub-multi-install: Reset partition type between partitions (LP: #1997795)
- Drop i386 from grub-efi-amd64* (LP: #2020907)
- Turn depends on grub-efi-
- forward port fix for LP: #1926748
- Make the grub2/no_
- Forward port the fix for LP: #1930742 and make it conditional (xenial/bionic only)
- Build grub2-unsigned packages with xz compression
- Replaced patches:
- installe-
- grub-install-
- grub-install-
- Added patches:
+ rhboot-
+ rhboot-
+ suse-grub.
+ ubuntu-
+ ubuntu-
+ ubuntu-
+ ubuntu-
+ ubuntu-
+ ubuntu-
+ ubuntu-
+ ubuntu-
+ ubuntu-
+ ubuntu-
+ ubuntu-
+ ubuntu-
+ ubuntu-
+ ubuntu-
+ ubuntu-
+ ubuntu-
+ ubuntu-
+ ubuntu-
+ ubuntu-
+ ubuntu-
+ ubuntu-
+ ubuntu-
+ ubuntu-
+ ubuntu-
+ ubuntu-
+ ubuntu-
* Dropped Ubuntu changes:
- All the rhboot loader patches
- Temporarily, support for GRUB_FLAVOUR_ORDER
- RISC-V patches, applied upstream:
+ efi-add-
+ efi-correct-
+ efi-implemented
+ efi-implement-
+ RISC-V-
+ RISC-V-
+ riscv-adjust-
+ upstream/
+ loader-
+ loader-
- Networking patches (rebasing still WIP):
+ cherrypick-
+ cherrypick-
+ efinet-
+ suse-add-
+ suse-AUDIT-
- Red Hat boot loader, replaced by upstream:
+ linuxefi-
+ linuxefi-
+ rhboot-
+ rhboot-
+ rhboot-
+ rhboot-
+ rhboot-
+ rhboot-
+ rhboot-
+ rhboot-
+ rhboot-
+ rhboot-
+ rhboot-
+ rhboot-
+ rhboot-
+ ubuntu-
+ ubuntu-
+ ubuntu-
+ ubuntu-
+ ubuntu-
+ ubuntu-
- Security patches, applied upstream:
+ {0076...0161} security patches, applied upstream
+ font-*.patchi - security patches applied upstream
+ commands-
+ fbutil-
+ kern-efi-
+ normal-
- Misc patches, merged in Debian:
+ efi-EFI-
+ efivar-
+ fat-fix-
+ fdt-add-
+ zstd-require-
+ 0241-Call-
- Misc patches applied upstream:
+ 2.12-mm/* - applied upstream
+ ubuntu-fuse3.patch
+ xfs-fix-
+ tpm-unknown-
+ commands-
+ efi-tpm-
+ linux_xen-
+ linux_xen-
+ linux-ignore-
+ mkrescue-
+ tests-ahci-
- No longer relevant:
+ ubuntu-
+ ubuntu-
+ ubuntu-
+ no-devicetree-
+ no-insmod-
- To be rewritten later in this cycle:
+ ubuntu-
- Coalesced into some other patches:
+ ubuntu-
+ ubuntu-
* Source package generated from src:grub2 using make -f ./debian/rules
generate-
-- Julian Andres Klode <email address hidden> Fri, 28 Jul 2023 15:34:32 +0200