[GTALUG] urgent: Red Hat distros have an update that renders some systems unbootable
Russell Reiter
rreiter91 at gmail.com
Sat Aug 1 16:21:57 EDT 2020
On Sat, Aug 1, 2020 at 3:50 PM Russell Reiter <rreiter91 at gmail.com> wrote:
Correction.
On Sat, Aug 1, 2020 at 2:57 PM David Collier-Brown via talk <talk at gtalug.org>
> wrote:
>
>>
>> On 2020-08-01 1:26 p.m., Russell Reiter via talk wrote:
>>
>>
>>
>> On Sat, Aug 1, 2020 at 12:03 PM D. Hugh Redelmeier via talk <
>> talk at gtalug.org> wrote:
>>
>>> https://access.redhat.com/solutions/5272311
>>>
>>> https://arstechnica.com/gadgets/2020/07/red-hat-and-centos-systems-arent-booting-due-to-boothole-patches/
>>>
>>> Don't do upgrades to Fedora, RHEL, CentOS until you read those.
>>>
>>
>> I'm not sure if it was necessary or not, but I killed all my
>> dnfdragora-updater processes and also commented out the contents of
>> /etc/xdg/autostart/org.mageia.dnfdragora-updater.desktop so that
>> dnfdragora-updater dies if it tries to run
>>
>> That's for the xfce spin of Fedora 31...
>>
>> Now all I have to do is remember to re-enable it after the bug is fixed
>> (;-))
>>
>
> I did
>
> rpm -qa grub2-\* shim-\* --qf "%{SOURCERPM}\n" | sort | uniq
>
> on my Fedora and got
>
> grub2-2.02-109.fc31.src.rpm
> shim-15-8.src.rpm
>
> so my version is ok.
>
> It looks like this problem was caused by a patch which then allowed a
> malformed token to cause a buffer overflow.
>
>
Sorry, not a patch but a native flaw in grub's handling of UEFI Secure Boot
which is the BootHole. It appears it's the patch which currently borks
system booting, which is why downgrading grub and shim is suggested.
>
>
>> --
>> David Collier-Brown, | Always do right. This will gratify
>> System Programmer and Author | some people and astonish the restdavecb at spamcop.net | -- Mark Twain
>>
>> ---
>> Post to this mailing list talk at gtalug.org
>> Unsubscribe from this mailing list
>> https://gtalug.org/mailman/listinfo/talk
>>
>
>
> --
> Russell
>
--
Russell
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://gtalug.org/pipermail/talk/attachments/20200801/b164f681/attachment.html>
More information about the talk
mailing list