File _patchinfo of Package patchinfo.1581

<patchinfo incident="1581">
  <issue id="774666" tracker="bnc">grub2 does not offer a Xen entry after installing hypervisor and tools</issue>
  <issue id="917427" tracker="bnc">LUKS encrypted LVM without separate "/boot" fails using UEFI secure boot</issue>
  <issue id="946148" tracker="bnc">snapshot enabled causes Xen pv guest to not boot</issue>
  <issue id="952539" tracker="bnc">Unable to boot Xen PV guest after installing with /boot on ext2/3/4</issue>
  <issue id="954126" tracker="bnc">Unable to boot Windows partition when SecureBoot is enabled</issue>
  <issue id="954519" tracker="bnc">Failure to set grub2 password</issue>
  <issue id="955493" tracker="bnc">boot config generated by grub2-mkconfig (patched) on Leap 42.1 xen + kernel-xen + grub2 on EFI hardware/disk partition is unbootable; forces drop to EFI shell</issue>
  <issue id="955609" tracker="bnc">Please repair BUG ID 917427  as it was for Tumbleweed</issue>
  <issue id="956631" tracker="bnc">VUL-0: EMBARGOED: CVE-2015-8370: grub2: overflows in grub_password_get and grub_user_get</issue>
  <issue id="CVE-2015-8370" tracker="cve"/>
  <category>security</category>
  <rating>important</rating>
  <packager>michael-chang</packager>
  <description>

- Fix buffer overflows when reading username and password. (bsc#956631, CVE-2015-8370)
- Check MS-DOS header to find PE file header. (bsc#954126)
- Use dirname for copying Xen kernel and initrd to esp. (bsc#955493)
- Fix reading password by grub2-mkpasswd-pbdk2 without controlling tty. (bsc#954519)
- Add luks, gcry_rijndael and gcry_sha1 to signed EFI image to support LUKS partition
  in default setup. (bsc#917427, bsc#955609)
- Expand list of grub.cfg search path in PV Xen guests for systems installed on btrfs
  snapshots. (bsc#946148, bsc#952539)
</description>
  <summary>Security update for grub2</summary>
</patchinfo>