Skip to content

grub2: apply November security fixes#463308

Merged
vcunat merged 1 commit intoNixOS:staging-nextfrom
LeSuisse:grub2-november-sec-fixes
Nov 22, 2025
Merged

grub2: apply November security fixes#463308
vcunat merged 1 commit intoNixOS:staging-nextfrom
LeSuisse:grub2-november-sec-fixes

Conversation

@LeSuisse
Copy link
Member

@LeSuisse LeSuisse commented Nov 19, 2025
edited
Loading

https://lists.gnu.org/archive/html/grub-devel/2025-11/msg00155.html

Fixes CVE-2025-54770, CVE-2025-54771, CVE-2025-61661, CVE-2025-61662, CVE-2025-61663 and CVE-2025-61664.

Things done

  • Built on platform:
    • x86_64-linux
    • aarch64-linux
    • x86_64-darwin
    • aarch64-darwin
  • Tested, as applicable:
  • Ran nixpkgs-review on this PR. See nixpkgs-review usage.
  • Tested basic functionality of all binary files, usually in ./result/bin/.
  • Nixpkgs Release Notes
    • Package update: when the change is major or breaking.
  • NixOS Release Notes
    • Module addition: when adding a new NixOS module.
    • Module update: when the change is significant.
  • Fits CONTRIBUTING.md, pkgs/README.md, maintainers/README.md and other READMEs.

Add a 👍 reaction to pull requests you find important.

@LeSuisse LeSuisse added 1.severity: security Issues which raise a security issue, or PRs that fix one backport staging-25.05 labels Nov 19, 2025
@nixpkgs-ci nixpkgs-ci bot added 10.rebuild-linux: 11-100 This PR causes between 11 and 100 packages to rebuild on Linux. 10.rebuild-darwin: 1-10 This PR causes between 1 and 10 packages to rebuild on Darwin. 9.needs: reviewer This PR currently has no reviewers requested and needs attention. 10.rebuild-nixos-tests This PR causes rebuilds for all NixOS tests and should normally target the staging branches. labels Nov 19, 2025
@zowoq
Copy link
Contributor

zowoq commented Nov 19, 2025

As this is only a rebuild of the nixos tests it could go to staging-nixos instead of staging.

@LeSuisse LeSuisse marked this pull request as draft November 22, 2025 14:49
@LeSuisse LeSuisse force-pushed the grub2-november-sec-fixes branch from 1142483 to e6066a2 Compare November 22, 2025 14:50
@LeSuisse LeSuisse changed the base branch from staging to staging-next November 22, 2025 14:50
@LeSuisse LeSuisse marked this pull request as ready for review November 22, 2025 14:50
@nixpkgs-ci nixpkgs-ci bot closed this Nov 22, 2025
@nixpkgs-ci nixpkgs-ci bot reopened this Nov 22, 2025
@vcunat vcunat changed the base branch from staging-next to staging-nixos November 22, 2025 17:27
@nixpkgs-ci nixpkgs-ci bot closed this Nov 22, 2025
@nixpkgs-ci nixpkgs-ci bot reopened this Nov 22, 2025
@vcunat vcunat changed the base branch from staging-nixos to staging-next November 22, 2025 17:27
@nixpkgs-ci nixpkgs-ci bot closed this Nov 22, 2025
@nixpkgs-ci nixpkgs-ci bot reopened this Nov 22, 2025
@vcunat
Copy link
Member

vcunat commented Nov 22, 2025

Oh, I didn't realize that you'd include commits from master..staging-next.

@vcunat vcunat added this pull request to the merge queue Nov 22, 2025
Merged via the queue into NixOS:staging-next with commit 63919be Nov 22, 2025
71 of 90 checks passed
@nixpkgs-ci nixpkgs-ci bot mentioned this pull request Nov 22, 2025
Merged
@nixpkgs-ci
Copy link
Contributor

nixpkgs-ci bot commented Nov 22, 2025

Successfully created backport PR for staging-25.05:

@github-actions github-actions bot added the 8.has: port to stable This PR already has a backport to the stable release. label Nov 22, 2025
@LeSuisse LeSuisse deleted the grub2-november-sec-fixes branch November 22, 2025 20:32
vcunat added a commit that referenced this pull request Dec 11, 2025
@vcunat
grub2: apply November security fixes (#463308)
baa63c4 
This is a remerge which might get sooner to nixpkgs master.
@LeSuisse LeSuisse mentioned this pull request Dec 18, 2025
Closed
This was referenced Dec 18, 2025
Closed
Closed
Closed
Closed
Closed
@osnyx osnyx added the backport staging-25.11 Backport PR automatically label Jan 30, 2026
@osnyx
Copy link
Contributor

osnyx commented Jan 30, 2026

These fixes missed the cutoff for 25.11 but were never backported.

@nixpkgs-ci
Copy link
Contributor

nixpkgs-ci bot commented Jan 30, 2026

Successfully created backport PR for staging-25.11:

@nixpkgs-ci nixpkgs-ci bot mentioned this pull request Jan 30, 2026
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

1.severity: security Issues which raise a security issue, or PRs that fix one 8.has: port to stable This PR already has a backport to the stable release. 9.needs: reviewer This PR currently has no reviewers requested and needs attention. 10.rebuild-darwin: 1-10 This PR causes between 1 and 10 packages to rebuild on Darwin. 10.rebuild-linux: 11-100 This PR causes between 11 and 100 packages to rebuild on Linux. 10.rebuild-nixos-tests This PR causes rebuilds for all NixOS tests and should normally target the staging branches. backport staging-25.11 Backport PR automatically

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@LeSuisse @zowoq @vcunat @osnyx