-
grub2 (2.04-1ubuntu26.17) focal; urgency=medium
* linux_xen: Properly handle multiple initrd files (LP: #1987567)
- d/p/linux_xen-Properly-load-multiple-initrd-files.patch
- d/p/linux_xen-Properly-order-multiple-initrd-files.patch
-- Mauricio Faria de Oliveira <email address hidden> Sun, 18 Dec 2022 18:29:03 -0300
-
grub2 (2.04-1ubuntu26.16) focal; urgency=medium
* grub-multi-install: Reset partition type between partitions (LP: #1997795)
-- Julian Andres Klode <email address hidden> Fri, 02 Dec 2022 16:20:54 +0100
-
grub2 (2.04-1ubuntu26.15) focal; urgency=medium
[ Mauricio Faria de Oliveira ]
* Call hwmatch only on the grub-pc platform (LP: #1840560)
grub2 (2.04-1ubuntu26.14) focal; urgency=medium
* grub-check-signatures: Support gzip compressed kernels (LP: #1954683)
-- Julian Andres Klode <email address hidden> Tue, 11 Jan 2022 16:09:48 +0100
-
grub2 (2.04-1ubuntu26.13) focal; urgency=medium
[ Julian Andres Klode ]
* unapply all patches, use gbp pq instead of git-dpm
[ Dimitri John Ledkov ]
* 10_linux: emit messages when initrdless boot is configured, attempted and
fails triggering fallback. LP: #1901553
* grub-common.service: port init.d script to systemd unit. Add warning
message, when initrdless boot fails triggering fallback. LP: #1901553
* debian/grub-common.service: change type to oneshot, add wantedby
sleep.target, after sleep.target. The service will now start after resume
from hybernation. (LP: #1929860)
* grub-initrd-fallback.service: add wantedby sleep.target, after
sleep.target. The service will now start after resume from hybernation.
LP: #1929860
* grub-initrd-fallback.service, debian/grub-common.service: only start units
when booted with grub. Use presence of /boot/grub/grub.cfg as proxy. LP:
#1925507
-- Julian Andres Klode <email address hidden> Thu, 12 Aug 2021 11:18:25 +0200
-
grub2 (2.04-1ubuntu26.12) focal; urgency=medium
* Bump the version number in the replaces for grub-efi-* to account for
newer packages in bionic from grub2-unsigned shipping the kernel hook
conffiles. LP: #1928674.
-- Steve Langasek <email address hidden> Wed, 19 May 2021 22:50:50 -0700
-
grub2 (2.04-1ubuntu26.11) focal; urgency=medium
[ Dimitri John Ledkov & Steve Langasek ]
* Relax dependencies to allow grub-efi be installed with later versions
of grub-efi-amd64. Stop building grub-efi-amd64|arm64{-bin,dbg}
packages, now provided by src:grub2-unsigned. LP: #1915536
-- Dimitri John Ledkov <email address hidden> Wed, 24 Feb 2021 19:33:38 +0000
-
grub2 (2.04-1ubuntu26.9) focal; urgency=medium
* Revert: rhboot-f34-tcp-add-window-scaling-support.patch,
rhboot-f34-support-non-ethernet.patch,
ubuntu-fixup-rhboot-f34-support-non-ethernet.patch,
ubuntu-fixup-rhboot-f34-support-non-ethernet-2.patch: these break MAAS
LXD KVM pod deployments. LP: #1915288
* Cherrypick fix crash in http LP: #1915288
* Fix grub-initrd-fallback.service thanks to JawnSmith LP: #1910815
-- Dimitri John Ledkov <email address hidden> Fri, 12 Feb 2021 22:03:32 +0000
-
grub2 (2.04-1ubuntu26.8) focal; urgency=medium
* debian/patches/grub-install-backup-and-restore.patch: Fix-up the patch
to correctly initialyze the names of the modules to restore. LP:
#1907085
* rhboot-f34-make-exit-take-a-return-code.patch,
rhboot-f34-dont-use-int-for-efi-status.patch: allow grub to exit
non-zero under EFI, this should allow falling back to the next
BootOrder BootEntry. LP: #1865515
* rhboot-f34-tcp-add-window-scaling-support.patch: speed up netboot
transfer speed. LP: #1911439
* rhboot-f34-support-non-ethernet.patch,
ubuntu-fixup-rhboot-f34-support-non-ethernet.patch,
ubuntu-fixup-rhboot-f34-support-non-ethernet-2.patch:
add support for link layer addresses of up to 32-bytes. LP: #1911439
* rhboot-f34-make-pmtimer-tsc-calibration-fast.patch:
speed up calibration time, especially when booting VMs. LP: #1911439
* minilzo: built using the distribution's minilzo. LP: #1911440
-- Dimitri John Ledkov <email address hidden> Wed, 13 Jan 2021 14:12:38 +0000
-
grub2 (2.04-1ubuntu26.7) focal; urgency=medium
* Avoid "EFI stub: FIRMWARE BUG" message when booting >= 5.7 kernels
on arm64 by setting the image base address before jumping to the
PE/COFF entry point LP: #1900774
* Fix tftp timeouts when fetching large files. LP: #1900773
-- dann frazier <email address hidden> Thu, 12 Nov 2020 16:15:13 -0700
-
grub2 (2.04-1ubuntu26.6) focal; urgency=medium
* postinst.in, grub-multi-install: fix logic of skipping installing onto
any device, if one chose to not install bootloader on any device. LP:
#1896608
* Do not finalize params twice on arm64. LP: #1897819
grub2 (2.04-1ubuntu26.5) focal; urgency=medium
* ubuntu-linuxefi-arm64.patch: Fix build on armhf (LP: #1862279)
-- Dimitri John Ledkov <email address hidden> Thu, 01 Oct 2020 23:19:24 +0800
-
grub2 (2.04-1ubuntu26.5) focal; urgency=medium
* ubuntu-linuxefi-arm64.patch: Fix build on armhf (LP: #1862279)
-- Julian Andres Klode <email address hidden> Wed, 16 Sep 2020 13:01:19 +0200
-
grub2 (2.04-1ubuntu26.4) focal; urgency=medium
* grub-install: cherry-pick patch from grub-devel to make grub-install
fault tolerant. Create backup of files in /boot/grub, and restore them
on failure to complete grub-install. LP: #1891680
* postinst.in: do not exit successfully when failing to show critical
grub-pc/install_devices_failed and grub-pc/install_devices_empty
prompts in non-interactive mode. This enables surfacing upgrade errors
to the users and/or automation. LP: #1891680
* postinst.in: do not attempt to call grub-install upon fresh install of
grub-pc because it it a job of installers to do that after fresh
install. Fixup for the issue unmasked by above. LP: #1891680
* grub-multi-install: fix non-interactive failures for grub-efi like it
was fixed in postinst for grub-pc. LP: #1891680
* postinst.in: Fixup postinst.in, to attempt grub-install upon explicit
dpkg-reconfigure grub-pc. LP: #1892526
-- Dimitri John Ledkov <email address hidden> Tue, 08 Sep 2020 11:24:35 +0100
-
grub2 (2.04-1ubuntu26.3) focal; urgency=medium
* 2.04-1ubuntu27 and 2.04-1ubuntu28 folded together for focal
* debian/patches/ubuntu-flavour-order.patch:
- Add a (hidden) GRUB_FLAVOUR_ORDER setting that can mark certain kernel
flavours as preferred, and specify an order between those preferred
flavours (LP: #1882663)
* debian/patches/ubuntu-zfs-enhance-support.patch:
- Use version_find_latest for ordering kernels, so it also supports
the GRUB_FLAVOUR_ORDER setting.
* debian/patches/ubuntu-dont-verify-loopback-images.patch:
- disk/loopback: Don't verify loopback images (LP: #1878541),
Thanks to Chris Coulson for the patch
* debian/patches/ubuntu-recovery-dis_ucode_ldr.patch
- Pass dis_ucode_ldr to kernel for recovery mode (LP: #1831789)
* debian/patches/ubuntu-add-initrd-less-boot-fallback.patch:
- Merge changes from xnox to fix multiple initrds support (LP: #1878705)
* debian/patches/ubuntu-clear-invalid-initrd-spacing.patch:
- Remove, no longer needed thanks to xnox's patch
* Ensure that grub-multi-install can always find templates (LP: #1879948)
-- Julian Andres Klode <email address hidden> Mon, 17 Aug 2020 16:04:31 +0200
-
grub2 (2.04-1ubuntu26.2) focal; urgency=medium
* debian/postinst.in: Avoid calling grub-install on upgrade of the grub-pc
package, since we cannot be certain that it will install to the correct
disk and a grub-install failure will render the system unbootable.
LP: #1889556.
-- Steve Langasek <email address hidden> Thu, 30 Jul 2020 17:34:25 -0700
-
grub2 (2.04-1ubuntu26.1) focal; urgency=medium
[ Julian Andres Klode ]
* Move gettext patches out of git-dpm's way, so it does not delete them
[ Chris Coulson ]
* SECURITY UPDATE: Heap buffer overflow when encountering commands that
cannot be tokenized to less than 8192 characters.
- 0082-yylex-Make-lexer-fatal-errors-actually-be-fatal.patch: Make
fatal lexer errors actually be fatal
- CVE-2020-10713
* SECURITY UPDATE: Multiple integer overflow bugs that could result in
heap buffer allocations that were too small and subsequent heap buffer
overflows when handling certain filesystems, font files or PNG images.
- 0083-safemath-Add-some-arithmetic-primitives-that-check-f.patch: Add
arithmetic primitives that allow for overflows to be detected
- 0084-calloc-Make-sure-we-always-have-an-overflow-checking.patch:
Make sure that there is always an overflow checking implementation
of calloc() available
- 0085-calloc-Use-calloc-at-most-places.patch: Use calloc where
appropriate
- 0086-malloc-Use-overflow-checking-primitives-where-we-do-.patch: Use
overflow-safe arithmetic primitives when performing allocations
based on the results of operations that might overflow
- 0094-hfsplus-fix-two-more-overflows.patch: Fix integer overflows in
hfsplus
- 0095-lvm-fix-two-more-potential-data-dependent-alloc-over.patch: Fix
more potential integer overflows in lvm
- CVE-2020-14308, CVE-2020-14309, CVE-2020-14310, CVE-2020-14311
* SECURITY UPDATE: Use-after-free when executing a command that causes
a currently executing function to be redefined.
- 0092-script-Remove-unused-fields-from-grub_script_functio.patch:
Remove unused fields from grub_script_function
- 0093-script-Avoid-a-use-after-free-when-redefining-a-func.patch:
Avoid a use-after-free when redefining a function during execution
- CVE-2020-15706
* SECURITY UPDATE: Integer overflows that could result in heap buffer
allocations that were too small and subsequent heap buffer overflows
during initrd loading.
- 0105-linux-Fix-integer-overflows-in-initrd-size-handling.patch: Fix
integer overflows in initrd size handling
- 0106-efilinux-Fix-integer-overflows-in-grub_cmd_initrd.patch: Fix
integer overflows in linuxefi grub_cmd_initrd
- CVE-2020-15707
* Various fixes as a result of code review and static analysis:
- 0087-iso9660-Don-t-leak-memory-on-realloc-failures.patch: Fix a
memory leak on realloc failures when processing symbolic links
- 0088-font-Do-not-load-more-than-one-NAME-section.patch: Fix a
memory leak when processing font files with more than one NAME
section
- 0089-gfxmenu-Fix-double-free-in-load_image.patch: Zero self->bitmap
after it is freed in order to avoid a potential double free later on
- 0090-lzma-Make-sure-we-don-t-dereference-past-array.patch: Fix an
out-of-bounds read in LzmaEncode
- 0091-tftp-Do-not-use-priority-queue.patch: Refactor tftp to not use
priority queues and fix a double free
- 0096-efi-fix-some-malformed-device-path-arithmetic-errors.patch: Fix
various arithmetic errors with malformed device paths
- 0098-Fix-a-regression-caused-by-efi-fix-some-malformed-de.patch: Fix
a NULL deref in the chainloader command introduced by a previous
patch
- 0099-efi-Fix-use-after-free-in-halt-reboot-path.patch: Fix a
use-after-free in the halt and reboot commands by not freeing
allocated memory in these paths
- 0100-chainloader-Avoid-a-double-free-when-validation-fail.patch:
Avoid a double free in the chainloader command when validation fails
- 0101-relocator-Protect-grub_relocator_alloc_chunk_addr-in.patch:
Protect grub_relocator_alloc_chunk_addr input arguments against
integer overflow / underflow
- 0102-relocator-Protect-grub_relocator_alloc_chunk_align-m.patch:
Protect grub_relocator_alloc_chunk_align max_addr argument against
integer underflow
- 0103-relocator-Fix-grub_relocator_alloc_chunk_align-top-m.patch: Fix
grub_relocator_alloc_chunk_align top memory allocation
- 0104-linux-loader-avoid-overflow-on-initrd-size-calculati.patch:
Avoid overflow on initrd size calculation
[ Dimitri John Ledkov ]
* SECURITY UPDATE: Grub does not enforce kernel signature validation
when the shim protocol isn't present.
- 0097-linuxefi-fail-kernel-validation-without-shim-protoco.patch:
Fail kernel validation if the shim protocol isn't available
- CVE-2020-15705
-- Chris Coulson <email address hidden> Mon, 20 Jul 2020 19:19:08 +0100
-
grub2 (2.04-1ubuntu26) focal; urgency=medium
[ Julian Andres Klode ]
* Move /boot/efi -> debconf migration into wrapper, so it runs everywhere
(LP: #1872077)
* Display disk name and size in the ESP selection dialog, instead of ???
[ Sebastien Bacher ]
* debian/patches/gettext,
debian/patches/rules:
- backport upstream patches to fix the list of translated strings,
reported on the ubuntu-translators mailing list. The changes would
be overwritten by autoreconf so applying from a rules override.
-- Julian Andres Klode <email address hidden> Wed, 15 Apr 2020 13:31:27 +0200
-
grub2 (2.04-1ubuntu25) focal; urgency=medium
[ Jean-Baptiste Lallement ]
[ Didier Roche ]
* debian/patches/ubuntu-zfs-enhance-support.patch:
- fix trailing } when no advanced menu is printed
- ensure we unmount all temporary snapshots path before zfs collect them
out.
* debian/patches/ubuntu-speed-zsys-history.patch:
- Speed up navigating zsys history by reducing greatly grub.cfg file size.
It used to take eg 80 seconds when loading 100 system snapshots. This is
now instantaneous by using a function with parameters that the users can
still easily edit.
-- Didier Roche <email address hidden> Mon, 13 Apr 2020 15:17:42 +0200
-
grub2 (2.04-1ubuntu24) focal; urgency=medium
* Support installing to multiple ESPs (LP: #1871821)
-- Julian Andres Klode <email address hidden> Thu, 09 Apr 2020 12:51:07 +0200
-
grub2 (2.04-1ubuntu23) focal; urgency=medium
[ Jean-Baptiste Lallement ]
[ Didier Roche ]
* Performance improvements for update-grub on ZFS systems (LP: #1869885)
-- Didier Roche <email address hidden> Tue, 31 Mar 2020 15:30:36 +0200
-
grub2 (2.04-1ubuntu22) focal; urgency=medium
* smbios: Add a --linux argument to apply linux modalias-like filtering
* Make the linux command in EFI grub always try EFI handover; thanks
to Chris Coulson for the patches (LP: #1864533)
-- Julian Andres Klode <email address hidden> Wed, 11 Mar 2020 17:46:35 +0100
-
grub2 (2.04-1ubuntu21) focal; urgency=medium
* Make ZFS menu generation depending on new zsysd binary instead of eoan
zsys compatibility symlink.
-- Didier Roche <email address hidden> Wed, 26 Feb 2020 09:59:49 +0100
-
grub2 (2.04-1ubuntu20) focal; urgency=medium
* build-efi-images: do not produce -installer.efi.signed. LP: #1863994
grub2 (2.04-1ubuntu19) focal; urgency=medium
* uefi-firmware: rename fwsetup menuentry to UEFI Firmware Settings
(LP: #1864547)
* build-efi-images: add smbios module to the prebuilt signed EFI images
(LP: #1856424)
-- Dimitri John Ledkov <email address hidden> Tue, 25 Feb 2020 01:11:31 +0000
-
grub2 (2.04-1ubuntu19) focal; urgency=medium
* uefi-firmware: rename fwsetup menuentry to UEFI Firmware Settings
(LP: #1864547)
* build-efi-images: add smbios module to the prebuilt signed EFI images
(LP: #1856424)
-- Dimitri John Ledkov <email address hidden> Mon, 24 Feb 2020 20:34:13 +0000
-
grub2 (2.04-1ubuntu18) focal; urgency=medium
* Cherry-pick fix from Colin W. in debian to build with python3.
-- Didier Roche <email address hidden> Thu, 06 Feb 2020 18:37:44 +0100
-
grub2 (2.04-1ubuntu17) focal; urgency=medium
* Fix ZFS menu generation with ZFS 0.8.x where mounted datasets can’t list
snapshots due to an upstream change.
https://github.com/zfsonlinux/zfs/issues/9958
-- Didier Roche <email address hidden> Thu, 06 Feb 2020 18:20:16 +0100
-
grub2 (2.04-1ubuntu16) focal; urgency=medium
* Revert "Add smbios module to build-efi-images script" from previous
upload, pending review see https://bugs.launchpad.net/bugs/1856424
-- Dimitri John Ledkov <email address hidden> Sun, 15 Dec 2019 01:28:49 +0000
-
grub2 (2.04-1ubuntu15) focal; urgency=medium
* ubuntu-efi-allow-loopmount-chainload.patch:
- Enable chainloading EFI apps from loopmounts
* cherrypick-lsefisystab-define-smbios3.patch:
* cherrypick-smbios-modules.patch:
- Cherrypick from 2.05 module for retrieving SMBIOS information
* cherrypick-lsefisystab-show-dtb.patch:
- If dtb is provided by the firmware / DtbLoader driver, display it in
human form, rather than just UUID
* Add smbios module to build-efi-images script
-- Dimitri John Ledkov <email address hidden> Fri, 13 Dec 2019 11:24:21 +0000
-
grub2 (2.04-1ubuntu14) focal; urgency=medium
* debian/patches/ubuntu-zfs-enhance-support.patch:
- Handle the case where grub-probe returns several devices for a single
pool (LP: #1848856). Thanks jpb for the report and the proposed patch.
- Add savedefault to non-recovery entries (LP: #1850202). Thanks Deltik
for the patch.
- Do not crash on invalid fstab and report the invalid entry.
(LP: #1849347) Thanks Deltik for the patch.
- When a pool fails to import, catch and display the error message and
continue with other pools. Import all the pools in readonly mode so we
can import other pools with unsupported features (LP: #1848399) Thanks
satmandu for the investigation and the proposed patch
-- Jean-Baptiste Lallement <email address hidden> Mon, 18 Nov 2019 11:22:43 +0100
-
grub2 (2.04-1ubuntu13) focal; urgency=medium
* debian/patches/ubuntu-tpm-unknown-error-non-fatal.patch: treat "unknown"
TPM errors as non-fatal, but still write up the details as debug messages
so we can further track what happens with the systems throwing those up.
(LP: #1848892)
* debian/patches/ubuntu-linuxefi.patch: Drop extra check for Secure Boot
status in linuxefi_secure_validate(); it's unnecessary and blocking boot
in chainload (like chainloading Windows) when SB is disabled.
(LP: #1845289)
-- Mathieu Trudel-Lapierre <email address hidden> Thu, 31 Oct 2019 17:58:47 -0400
-
grub2 (2.04-1ubuntu12) eoan; urgency=medium
* Move our identifier to com.ubuntu
As we are not going to own org.zsys, move our identifier under
com.ubuntu.zsys (LP: #1847711)
-- Didier Roche <email address hidden> Fri, 11 Oct 2019 15:57:47 +0200
