Skip site navigation (1)Skip section navigation (2)
Date:      Sun, 20 Sep 2020 04:52:39 +0200
From:      Ralf Mardorf <ralf-mardorf@riseup.net>
To:        freebsd-questions@freebsd.org
Subject:   Re: Dual-booting/triple-booting FreeBSD under UEFI
Message-ID:  <20200920045239.52e90b96@archlinux>
In-Reply-To: <20200920042414.7d396bc1@archlinux>
References:  <DB8PR06MB64421AFD5B11F7674E48CBAAF63C0@DB8PR06MB6442.eurprd06.prod.outlook.com> <20200919180814.00005391@seibercom.net> <20200920035310.72276666@archlinux> <20200920042414.7d396bc1@archlinux>

Next in thread | Previous in thread | Raw E-Mail | Index | Archive | Help
PPS:

This article (
https://www.zdnet.com/article/boothole-attack-impacts-windows-and-linux-sys=
tems-using-grub2-and-secure-boot/
) is from "Catalin Cimpanu for Zero Day | July 29, 2020"

The Ubuntu GRUB2 packages were fixed at "29 July 2020" (
https://ubuntu.com/security/notices/USN-4432-1 ).

"Eclypsium said it expects patching to take a long while, as fixing
bootloader bugs is usually a complex process due to the multitude of
components and advanced cryptography involved in the process." -
https://www.zdnet.com/article/boothole-attack-impacts-windows-and-linux-sys=
tems-using-grub2-and-secure-boot/

"There=E2=80=99s a Hole in the Boot=09
July 29, 2020   /    Eclypsium" -
https://eclypsium.com/2020/07/29/theres-a-hole-in-the-boot/

IIUC the news are from July 29, 2020 and the issue was fixed in July 29,
2020. Is this a "long time"? I'm even uncertain, if the issue wasn't
already fixed, before the "news" was spread by those making a living
from spreading FUD and selling snake oil.

See https://blackarch.org/tools.html ->
http://blog.fefe.de/?ts=3Db6cea88d (unfortunately in German only).




Want to link to this message? Use this URL: <http://docs.FreeBSD.org/cgi/mid.cgi?20200920045239.52e90b96>