search for: eclypsium

We are aware of the Boot Hole vulnerability in grub2 (CVE-2020-1073) and are working on releasing new packages for CentOS Linux 7, CentOS Linux 8 and CentOS Stream in response. These should make it out to a mirror near you shortly. /!\ Secureboot Systems - Please do a full update /!\ CentOS Linux 8 and CentOS Stream systems with secureboot enabled MUST update the kernel, grub2, and shim

...CentOS-announce mailing list > CentOS-announce at centos.org > https://lists.centos.org/mailman/listinfo/centos-announce This is a minor correction to the CVE number referenced in this earlier post. CVE-2020-10713 is the correct assignment. This is a link to the research article: https://eclypsium.com/2020/07/29/theres-a-hole-in-the-boot/ And a link to the post on OSS Security with details about related CVEs: https://www.openwall.com/lists/oss-security/2020/07/29/3 ? ------------------------------ Message: 3 Date: Thu, 30 Jul 2020 00:08:16 +0000 From: Johnny Hughes <johnny at cento...

> Am 01.08.2020 um 23:52 schrieb Leon Fauster via CentOS <centos at centos.org>: > > ?Am 01.08.20 um 23:41 schrieb Kay Schenk: >> Well misery loves company but still...just truly unfathomable! >> Time for a change. > > > I can only express my incomprehension for such statements! > > Stay and help. Instead running away or should I say out of the >