This update for grub2 fixes the following issues: grub2 now implements the new SBAT method for SHIM based secure boot revocation. Following security issues are fixed that can violate secure boot constraints: - CVE-2020-25632: Fixed a use-after-free in rmmod command - CVE-2020-25647: Fixed an out-of-bound write in grub_usb_device_initialize - CVE-2020-27749: Fixed a stack buffer overflow in grub_parser_split_cmdline - CVE-2020-27779, CVE-2020-14372: Disallow cutmem and acpi commands in secure boot mode - CVE-2021-20225: Fixed a heap out-of-bounds write in short form option parser - CVE-2021-20233: Fixed a heap out-of-bound write due to mis-calculation of space required for quoting grub2 was bumped to version 2.02, same as SUSE Linux Enterprise 12 SP3.