File _patchinfo of Package patchinfo.41676

<patchinfo incident="41676">
  <issue tracker="cve" id="2025-54771"/>
  <issue tracker="cve" id="2025-61662"/>
  <issue tracker="cve" id="2025-61663"/>
  <issue tracker="cve" id="2025-61664"/>
  <issue tracker="cve" id="2025-61661"/>
  <issue tracker="bnc" id="1252933">VUL-0: EMBARGOED: CVE-2025-61662: grub2: Missing unregister call for gettext command may lead to use-after-free</issue>
  <issue tracker="bnc" id="1252934">VUL-0: EMBARGOED: CVE-2025-61663: grub2: Missing unregister call for normal commands may lead to use-after-free</issue>
  <issue tracker="bnc" id="1252931">VUL-0: EMBARGOED: CVE-2025-54771: grub2: grub_file_close() does not properly controls the fs refcount</issue>
  <issue tracker="bnc" id="1252932">VUL-0: EMBARGOED: CVE-2025-61661: grub2: Out-of-bounds write in grub_usb_get_string() function</issue>
  <issue tracker="bnc" id="1252935">VUL-0: EMBARGOED: CVE-2025-61664: grub2: Missing unregister call for normal_exit command may lead to use-after-free</issue>
  <packager>michael-chang</packager>
  <rating>moderate</rating>
  <category>security</category>
  <summary>Security update for grub2</summary>
  <description>This update for grub2 fixes the following issues:

- CVE-2025-54771: Fixed rub_file_close() does not properly controls the fs refcount (bsc#1252931) 
- CVE-2025-61661: Fixed out-of-bounds write in grub_usb_get_string() function (bsc#1252932)
- CVE-2025-61662: Fixed missing unregister call for gettext command may lead to use-after-free (bsc#1252933) 
- CVE-2025-61663: Fixed missing unregister call for normal commands may lead to use-after-free (bsc#1252934)
- CVE-2025-61664: Fixed missing unregister call for normal_exit command may lead to use-after-free (bsc#1252935)

Other fixes:

- Bump upstream SBAT generation to 6
</description>
</patchinfo>