ELSA-2025-20532-0

Published: 17 Nov 2025
Source: oracle-oval
Platform: Oracle Linux 9

Description

ELSA-2025-20532-0: grub2 security update (MODERATE)

[2.06-114.0.1]

  • Update grub2 dependencies to match new Secure Boot certificate chain of trust [Orabug: 37766761]
  • Fix typo in SBAT metadata [Orabug: 37693946]
  • Allow installation of grub2 only with shim-aa64 that allows booting it [Orabug: 37693946]
  • net/dns: Fix removal of DNS server [Orabug: 37539625]
  • net/dns: Simplify error handling of recv_hook() function [Orabug: 37539625]
  • net/dns: Add debugging messages in recv_hook() function [Orabug: 37539625]
  • net/dns: Fix lookup error when no IPv6 is returned [Orabug: 37539625]
  • efinet: close and reopen network card on failure [Orabug: 35126950], [Orabug: 37747175]
  • efinet: Correct closing of SNP protocol [Orabug: 35126950], [Orabug: 37747175]
  • Support setting custom kernels as default kernels [Orabug: 36043978]
  • Bump SBAT metadata for grub to 3 [Orabug: 34872719]
  • Fix CVE-2022-3775 [Orabug: 34871953]
  • Enable signing for aarch64 EFI
  • Fix signing certificate names
  • Enable back btrfs grub module for EFI pre-built image [Orabug: 34360986]
  • Replaced bugzilla.oracle.com references [Orabug: 34202300]
  • Update provided certificate version to 202204 [JIRA: OLDIS-16371]
  • Various coverity fixes [JIRA: OLDIS-16371]
  • bump SBAT generation
  • Update bug url [Orabug: 34202300]
  • Revert provided certificate version back to 202102 [JIRA: OLDIS-16371]
  • Update signing certificate [JIRA: OLDIS-16371]
  • fix SBAT data [JIRA: OLDIS-16371]
  • Update requires [JIRA: OLDIS-16371]
  • Rebuild for SecureBoot signatures [Orabug: 33801813]
  • Do not add shim and grub certificate deps for aarch64 packages [Orabug: 32670033]
  • Update Oracle SBAT data [Orabug: 32670033]
  • Use new signing certificate [Orabug: 32670033]
  • honor /etc/sysconfig/kernel DEFAULTKERNEL setting for BLS [Orabug: 30643497]
  • set EFIDIR as redhat for additional grub2 tools [Orabug: 29875597]
  • Update upstream references [Orabug: 26388226]
  • Insert Unbreakable Enterprise Kernel text into BLS config file [Orabug: 29417955]
  • Put 'with' in menuentry instead of 'using' [Orabug: 18504756]
  • Use different titles for UEK and RHCK kernels [Orabug: 18504756]

[2.06-114]

  • spec: Update signing key to redhatsecureboot802
  • Resolves: #RHEL-116729

[2.06-113]

  • sbat: add new sbat entry for centos
  • Resolves: #RHEL-108060

[2.06-112]

  • Set correctly the memory attributes for the kernel PE sections
  • Resolves: #RHEL-106075

[2.06-111]

  • spec/posttrans: move grub config stub creation out of spec
  • Resolves: #RHEL-69944

[2.06-110]

  • osdep/linux/getroot: Detect DDF container similar to IMSM
  • Resolves: #RHEL-44336

[2.06-109]

  • Handle special kernel parameter characters properly
  • Resolves: #RHEL-64297

[2.06-108]

  • ieee1275: Appended signature support
  • Resolves: #RHEL-24742

[2.06-107]

  • Remove BLS fake config in case of kernel removal
  • Resolves: #RHEL-83915

[2.06-106]

  • sbat: bump grub sbat for new shim release
  • Resolves: #RHEL-91278

Updated packages

Oracle Linux 9

Oracle Linux aarch64

  • grub2-common 2.06-114.0.1.el9_7
  • grub2-efi-aa64 2.06-114.0.1.el9_7
  • grub2-efi-aa64-cdboot 2.06-114.0.1.el9_7
  • grub2-efi-aa64-modules 2.06-114.0.1.el9_7
  • grub2-efi-x64-modules 2.06-114.0.1.el9_7
  • grub2-tools 2.06-114.0.1.el9_7
  • grub2-tools-extra 2.06-114.0.1.el9_7
  • grub2-tools-minimal 2.06-114.0.1.el9_7

Oracle Linux x86_64

  • grub2-common 2.06-114.0.1.el9_7
  • grub2-efi-aa64-modules 2.06-114.0.1.el9_7
  • grub2-efi-x64 2.06-114.0.1.el9_7
  • grub2-efi-x64-cdboot 2.06-114.0.1.el9_7
  • grub2-efi-x64-modules 2.06-114.0.1.el9_7
  • grub2-pc 2.06-114.0.1.el9_7
  • grub2-pc-modules 2.06-114.0.1.el9_7
  • grub2-tools 2.06-114.0.1.el9_7
  • grub2-tools-efi 2.06-114.0.1.el9_7
  • grub2-tools-extra 2.06-114.0.1.el9_7
  • grub2-tools-minimal 2.06-114.0.1.el9_7

Related CVEs

Related vulnerabilities

CVSS3: 6.7
ubuntu
10 months ago

A flaw was found in grub2. The calculation of the translation buffer when reading a language .mo file in grub_gettext_getstr_from_position() may overflow, leading to an out-of-bounds write. This issue can be leveraged by an attacker to overwrite grub2's sensitive heap data, eventually leading to the circumvention of secure boot protections.

CVSS3: 6.7
redhat
11 months ago

A flaw was found in grub2. The calculation of the translation buffer when reading a language .mo file in grub_gettext_getstr_from_position() may overflow, leading to an out-of-bounds write. This issue can be leveraged by an attacker to overwrite grub2's sensitive heap data, eventually leading to the circumvention of secure boot protections.

CVSS3: 6.7
nvd
10 months ago

A flaw was found in grub2. The calculation of the translation buffer when reading a language .mo file in grub_gettext_getstr_from_position() may overflow, leading to an out-of-bounds write. This issue can be leveraged by an attacker to overwrite grub2's sensitive heap data, eventually leading to the circumvention of secure boot protections.

CVSS3: 6.7
msrc
4 months ago

Grub2: grub-core/gettext: integer overflow leads to heap oob write.

CVSS3: 6.7
debian
10 months ago

A flaw was found in grub2. The calculation of the translation buffer w ...