-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2015.3160
                           grub2 security update
                             17 December 2015

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           grub2
Publisher:         Debian
Operating System:  Debian GNU/Linux 7
                   Debian GNU/Linux 8
Impact/Access:     Administrator Compromise -- Existing Account
Resolution:        Patch/Upgrade
CVE Names:         CVE-2015-8370  

Reference:         ESB-2015.3141

Original Bulletin: 
   http://www.debian.org/security/2015/dsa-3421

- --------------------------BEGIN INCLUDED TEXT--------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- - -------------------------------------------------------------------------
Debian Security Advisory DSA-3421-1                   security@debian.org
https://www.debian.org/security/                            Luciano Bello
December 16, 2015                     https://www.debian.org/security/faq
- - -------------------------------------------------------------------------

Package        : grub2
CVE ID         : CVE-2015-8370
Debian Bug     : 807614

Hector Marco and Ismael Ripoll, from Cybersecurity UPV Research Group,
found an integer underflow vulnerability in Grub2, a popular bootloader.
A local attacker can bypass the Grub2 authentication by inserting a
crafted input as username or password.

More information:
http://hmarco.org/bugs/CVE-2015-8370-Grub2-authentication-bypass.html

For the oldstable distribution (wheezy), this problem has been fixed
in version 1.99-27+deb7u3.

For the stable distribution (jessie), this problem has been fixed in
version 2.02~beta2-22+deb8u1.

For the unstable distribution (sid), this problem has been fixed in
version 2.02~beta2-33.

We recommend that you upgrade your grub2 packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
- -----END PGP SIGNATURE-----

- --------------------------END INCLUDED TEXT--------------------

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        http://www.auscert.org.au/render.html?cid=1980

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
-----END PGP SIGNATURE-----