Date: Sun, 20 Sep 2020 04:52:39 +0200 From: Ralf Mardorf <ralf-mardorf@riseup.net> To: freebsd-questions@freebsd.org Subject: Re: Dual-booting/triple-booting FreeBSD under UEFI Message-ID: <20200920045239.52e90b96@archlinux> In-Reply-To: <20200920042414.7d396bc1@archlinux> References: <DB8PR06MB64421AFD5B11F7674E48CBAAF63C0@DB8PR06MB6442.eurprd06.prod.outlook.com> <20200919180814.00005391@seibercom.net> <20200920035310.72276666@archlinux> <20200920042414.7d396bc1@archlinux>
next in thread | previous in thread | raw e-mail | index | archive | help
PPS: This article ( https://www.zdnet.com/article/boothole-attack-impacts-windows-and-linux-sys= tems-using-grub2-and-secure-boot/ ) is from "Catalin Cimpanu for Zero Day | July 29, 2020" The Ubuntu GRUB2 packages were fixed at "29 July 2020" ( https://ubuntu.com/security/notices/USN-4432-1 ). "Eclypsium said it expects patching to take a long while, as fixing bootloader bugs is usually a complex process due to the multitude of components and advanced cryptography involved in the process." - https://www.zdnet.com/article/boothole-attack-impacts-windows-and-linux-sys= tems-using-grub2-and-secure-boot/ "There=E2=80=99s a Hole in the Boot=09 July 29, 2020 / Eclypsium" - https://eclypsium.com/2020/07/29/theres-a-hole-in-the-boot/ IIUC the news are from July 29, 2020 and the issue was fixed in July 29, 2020. Is this a "long time"? I'm even uncertain, if the issue wasn't already fixed, before the "news" was spread by those making a living from spreading FUD and selling snake oil. See https://blackarch.org/tools.html -> http://blog.fefe.de/?ts=3Db6cea88d (unfortunately in German only).
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20200920045239.52e90b96>