File _patchinfo of Package patchinfo.16002

<patchinfo incident="16002">
  <issue tracker="cve" id="2020-14310"/>
  <issue tracker="cve" id="2020-14311"/>
  <issue tracker="cve" id="2020-10713"/>
  <issue tracker="cve" id="2020-15707"/>
  <issue tracker="cve" id="2020-14308"/>
  <issue tracker="cve" id="2020-15706"/>
  <issue tracker="cve" id="2020-14309"/>
  <issue tracker="bnc" id="1174463">VUL-0: CVE-2020-15706: grub2: script: Avoid a use-after-free when redefining a function during execution</issue>
  <issue tracker="bnc" id="1173812">VUL-0: CVE-2020-14308, CVE-2020-14309, CVE-2020-14310, CVE-2020-14311: grub2: avoid integer overflows</issue>
  <issue tracker="bnc" id="1174519">L3-Question: mounts empty after failed update</issue>
  <issue tracker="bnc" id="1084632">GCC 8: grub2 build fails</issue>
  <issue tracker="bnc" id="1168994">VUL-0: CVE-2020-10713: grub2: parsing overflows can bypass secure boot restrictions</issue>
  <issue tracker="bnc" id="1004959">grub2 has no armv7l support</issue>
  <issue tracker="bnc" id="1072648">[Build :4793:grub2.1512999379] openQA test fails in grub_test</issue>
  <issue tracker="bnc" id="1174570">VUL-0: CVE-2020-15707: grub2: linux: Fix integer overflows in initrd size handling</issue>
  <issue tracker="bnc" id="1175049">S:M:16002:223677: ppc64le system doens't boot after latest grub update</issue>
  <packager>michael-chang</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for grub2</summary>
  <description>This update for grub2 fixes the following issues:

- Fix for CVE-2020-10713 (bsc#1168994)
- Fix for CVE-2020-14308 CVE-2020-14309, CVE-2020-14310, CVE-2020-14311
  (bsc#1173812)
- Fix for CVE-2020-15706 (bsc#1174463)
- Fix for CVE-2020-15707 (bsc#1174570)

- Use overflow checking primitives where the arithmetic expression for buffer
  allocations may include unvalidated data
- Fix packed-not-aligned error on GCC 8 (bsc#1084632)
- Fix "no symbol table" (bsc#1072648) (bsc#1174519)
</description>
</patchinfo>