This was fixed in debian sid already.
** Description changed:
+ [ Impact ]
+
+ * A large batch of secure boot CVEs in GRUB2 were fixed earlier this
+ year and recently un-embargoed earlier.
+
+ * This has an obvious impact on everyone relying on Secure Boot for any
+ purpose.
+
+ [ Test Plan
The attachment "0001-Do-not-increment-reference-count-when-insmod-is-
call.patch" seems to be a patch. If it isn't, please remove the "patch"
flag from the attachment, remove the "patch" tag, and if you are a
member of the ~ubuntu-reviewers, unsubscribe the team.
[This is an automated message per
