Ubuntu wants to strip some of GRUB features in 26.10 for security purposes
6 hours ago
- #GRUB
- #Ubuntu
- #Security
- Ubuntu proposes removing certain features from signed GRUB builds in version 26.10 to improve security.
- Filesystems to be removed include btrfs, hfsplus, xfs, and zfs; ext4, fat, iso9660, and squashfs will be retained.
- Image formats like jpeg and png will be removed, with none retained due to security risks.
- Partition table support will drop part_apple, keeping part_gpt and part_msdos.
- Support for LVM, md-raid (except raid1), and LUKS-encrypted disks will be removed.
- Systems must boot with /boot on a raw ext4 partition, affecting encrypted and ZFS/XFS/BTRFS systems.
- RAID systems typically mirror /boot, so the impact should be minimal.
- Affected systems will default to staying on 26.04 LTS, with upgrades disabled.
- Community feedback includes concerns over removing btrfs, LUKS2, and image support, citing usability and security impacts.
- Suggestions to switch to systemd-boot and concerns over multi-arch support and flavor customizations were raised.