coreos/fedora-coreos-config
1
0
Fork 0
mirror of https://github.com/coreos/fedora-coreos-config.git synced 2026-02-05 09:45:30 +01:00
Code Issues Releases Activity
Files
d7d40682debfa5a29d0a4e5ff4c73d52bd60f963
fedora-coreos-config/tests
History
Benjamin Gilbert d7d40682de overlay/15fcos: retroactively fix BLS grub_users setting (CVE-2022-3675) 
Starting with FCOS 36.20220906.1.0, 36.20220906.2.0, and 36.20220820.3.0,
coreos-assembler inadvertently failed to configure ostree to set
`grub_users=""` in non-default BLS configs, allowing old deployments to
be booted without a GRUB password.  Add a service that fixes this setting
on the first boot after upgrade, if the aleph version corresponds to an
affected release.

This can be reverted after the next update barrier in all streams.

For https://github.com/coreos/fedora-coreos-tracker/issues/1333.
2022-11-01 21:15:04 -04:00
..
kola
overlay/15fcos: retroactively fix BLS grub_users setting (CVE-2022-3675)
2022-11-01 21:15:04 -04:00
manual
*: ShellCheck fixes
2022-09-12 07:29:51 +00:00