[arch-commits] Commit in grub/trunk (4 files)
Christian Hesse
eworm at archlinux.org
Fri Feb 3 19:54:30 UTC 2017
Date: Friday, February 3, 2017 @ 19:54:29
Author: eworm
Revision: 287992
upgpkg: grub 1:2.02.rc1-1
* new upstream release
* remove patch no longer required
Modified:
grub/trunk/PKGBUILD
Deleted:
grub/trunk/0001-Fix-security-issue-when-reading-username-and-passwor.patch
grub/trunk/0005-10_linux-fix-grouping-of-tests.patch
grub/trunk/0006-efi-properly-terminate-filepath-with-NULL-in-chainloader.patch
---------------------------------------------------------------------+
0001-Fix-security-issue-when-reading-username-and-passwor.patch | 47 ----------
0005-10_linux-fix-grouping-of-tests.patch | 22 ----
0006-efi-properly-terminate-filepath-with-NULL-in-chainloader.patch | 44 ---------
PKGBUILD | 25 -----
4 files changed, 3 insertions(+), 135 deletions(-)
Deleted: 0001-Fix-security-issue-when-reading-username-and-passwor.patch
===================================================================
--- 0001-Fix-security-issue-when-reading-username-and-passwor.patch 2017-02-03 18:17:48 UTC (rev 287991)
+++ 0001-Fix-security-issue-when-reading-username-and-passwor.patch 2017-02-03 19:54:29 UTC (rev 287992)
@@ -1,47 +0,0 @@
-From e16eeda1200deabd0d3a4af968d526d62845a85f Mon Sep 17 00:00:00 2001
-From: Hector Marco-Gisbert <hecmargi at upv.es>
-Date: Fri, 13 Nov 2015 16:21:09 +0100
-Subject: [PATCH] Fix security issue when reading username and password
-
- This patch fixes two integer underflows at:
- * grub-core/lib/crypto.c
- * grub-core/normal/auth.c
-
-Resolves: CVE-2015-8370
-
-Signed-off-by: Hector Marco-Gisbert <hecmargi at upv.es>
-Signed-off-by: Ismael Ripoll-Ripoll <iripoll at disca.upv.es>
----
- grub-core/lib/crypto.c | 2 +-
- grub-core/normal/auth.c | 2 +-
- 2 files changed, 2 insertions(+), 2 deletions(-)
-
-diff --git a/grub-core/lib/crypto.c b/grub-core/lib/crypto.c
-index 010e550..524a3d8 100644
---- a/grub-core/lib/crypto.c
-+++ b/grub-core/lib/crypto.c
-@@ -468,7 +468,7 @@ grub_password_get (char buf[], unsigned buf_size)
- break;
- }
-
-- if (key == '\b')
-+ if (key == '\b' && cur_len)
- {
- cur_len--;
- continue;
-diff --git a/grub-core/normal/auth.c b/grub-core/normal/auth.c
-index c6bd96e..5782ec5 100644
---- a/grub-core/normal/auth.c
-+++ b/grub-core/normal/auth.c
-@@ -172,7 +172,7 @@ grub_username_get (char buf[], unsigned buf_size)
- break;
- }
-
-- if (key == '\b')
-+ if (key == '\b' && cur_len)
- {
- cur_len--;
- grub_printf ("\b");
---
-2.6.4
-
Deleted: 0005-10_linux-fix-grouping-of-tests.patch
===================================================================
--- 0005-10_linux-fix-grouping-of-tests.patch 2017-02-03 18:17:48 UTC (rev 287991)
+++ 0005-10_linux-fix-grouping-of-tests.patch 2017-02-03 19:54:29 UTC (rev 287992)
@@ -1,22 +0,0 @@
-commit 082bc9f77b200eb48a5f1147163dea9c9d02d44c
-Author: Mike Gilbert <floppym at gentoo.org>
-Date: Sat Mar 5 17:30:48 2016 -0500
-
- 10_linux: Fix grouping of tests for GRUB_DEVICE
-
- Commit 7290bb562 causes GRUB_DISABLE_LINUX_UUID to be ignored due to
- mixing of || and && operators. Add some parens to help with that.
-
-diff --git a/util/grub.d/10_linux.in b/util/grub.d/10_linux.in
-index 5a78513..de9044c 100644
---- a/util/grub.d/10_linux.in
-+++ b/util/grub.d/10_linux.in
-@@ -47,7 +47,7 @@ esac
- # and mounting btrfs requires user space scanning, so force UUID in this case.
- if [ "x${GRUB_DEVICE_UUID}" = "x" ] || [ "x${GRUB_DISABLE_LINUX_UUID}" = "xtrue" ] \
- || ! test -e "/dev/disk/by-uuid/${GRUB_DEVICE_UUID}" \
-- || test -e "${GRUB_DEVICE}" && uses_abstraction "${GRUB_DEVICE}" lvm; then
-+ || ( test -e "${GRUB_DEVICE}" && uses_abstraction "${GRUB_DEVICE}" lvm ); then
- LINUX_ROOT_DEVICE=${GRUB_DEVICE}
- else
- LINUX_ROOT_DEVICE=UUID=${GRUB_DEVICE_UUID}
Deleted: 0006-efi-properly-terminate-filepath-with-NULL-in-chainloader.patch
===================================================================
--- 0006-efi-properly-terminate-filepath-with-NULL-in-chainloader.patch 2017-02-03 18:17:48 UTC (rev 287991)
+++ 0006-efi-properly-terminate-filepath-with-NULL-in-chainloader.patch 2017-02-03 19:54:29 UTC (rev 287992)
@@ -1,44 +0,0 @@
-From ce95549cc54b5d6f494608a7c390dba3aab4fba7 Mon Sep 17 00:00:00 2001
-From: Andrei Borzenkov <arvidjaar at gmail.com>
-Date: Thu, 15 Dec 2016 16:07:00 +0300
-Subject: efi: properly terminate filepath with NULL in chainloader
-
-EFI File Path Media Device Path is defined as NULL terminated string;
-but chainloader built file paths without final NULL. This caused error
-with Secure Boot and Linux Foundation PreLoader on Acer with InsydeH20 BIOS.
-Apparently firmware failed verification with EFI_INVALID_PARAMETER which is
-considered fatal error by PreLoader.
-
-Reported and tested by Giovanni Santini <itachi.sama.amaterasu at gmail.com>
----
- grub-core/loader/efi/chainloader.c | 6 +++++-
- 1 file changed, 5 insertions(+), 1 deletion(-)
-
-diff --git a/grub-core/loader/efi/chainloader.c b/grub-core/loader/efi/chainloader.c
-index 522a716..adc8563 100644
---- a/grub-core/loader/efi/chainloader.c
-+++ b/grub-core/loader/efi/chainloader.c
-@@ -122,6 +122,8 @@ copy_file_path (grub_efi_file_path_device_path_t *fp,
- if (*p == '/')
- *p = '\\';
-
-+ /* File Path is NULL terminated */
-+ fp->path_name[size++] = '\0';
- fp->header.length = size * sizeof (grub_efi_char16_t) + sizeof (*fp);
- }
-
-@@ -156,8 +158,10 @@ make_file_path (grub_efi_device_path_t *dp, const char *filename)
- d = GRUB_EFI_NEXT_DEVICE_PATH (d);
- }
-
-+ /* File Path is NULL terminated. Allocate space for 2 extra characters */
-+ /* FIXME why we split path in two components? */
- file_path = grub_malloc (size
-- + ((grub_strlen (dir_start) + 1)
-+ + ((grub_strlen (dir_start) + 2)
- * GRUB_MAX_UTF16_PER_UTF8
- * sizeof (grub_efi_char16_t))
- + sizeof (grub_efi_file_path_device_path_t) * 2);
---
-cgit v1.0
-
Modified: PKGBUILD
===================================================================
--- PKGBUILD 2017-02-03 18:17:48 UTC (rev 287991)
+++ PKGBUILD 2017-02-03 19:54:29 UTC (rev 287992)
@@ -9,7 +9,7 @@
_GRUB_EMU_BUILD="0"
_pkgver="2.02"
-_GRUB_GIT_TAG="grub-2.02-beta3"
+_GRUB_GIT_TAG="2.02-rc1"
_GRUB_EXTRAS_COMMIT="f2a079441939eee7251bf141986cdd78946e1d20"
_UNIFONT_VER="9.0.06"
@@ -22,8 +22,8 @@
pkgname="grub"
pkgdesc="GNU GRand Unified Bootloader (2)"
-pkgver=2.02.beta3
-pkgrel=6
+pkgver=2.02.rc1
+pkgrel=1
epoch=1
url="https://www.gnu.org/software/grub/"
arch=('x86_64' 'i686')
@@ -59,12 +59,9 @@
"grub-extras::git+git://git.sv.gnu.org/grub-extras.git#commit=${_GRUB_EXTRAS_COMMIT}"
"https://ftp.gnu.org/gnu/unifont/unifont-${_UNIFONT_VER}/unifont-${_UNIFONT_VER}.bdf.gz"
"https://ftp.gnu.org/gnu/unifont/unifont-${_UNIFONT_VER}/unifont-${_UNIFONT_VER}.bdf.gz.sig"
- '0001-Fix-security-issue-when-reading-username-and-passwor.patch'
'0002-intel-ucode.patch'
'0003-10_linux-detect-archlinux-initramfs.patch'
'0004-add-GRUB_COLOR_variables.patch'
- '0005-10_linux-fix-grouping-of-tests.patch'
- '0006-efi-properly-terminate-filepath-with-NULL-in-chainloader.patch'
'grub.default'
'grub.cfg')
@@ -72,12 +69,9 @@
'SKIP'
'4246c4773ed70f78a7e27ff1118fd257a280d1102200265ad5d58bb2011195ef'
'SKIP'
- '6a85a2a93a27f64bac68bef513e3239a898a0502221978b3cb99e41994021b05'
'37adb95049f6cdcbdbf60ed6b6440c5be99a4cd307a0f96c3c3837b6c2e07f3c'
'b41e4438319136b5e74e0abdfcb64ae115393e4e15207490272c425f54026dd3'
'a5198267ceb04dceb6d2ea7800281a42b3f91fd02da55d2cc9ea20d47273ca29'
- 'bf712de689a944ac23a0303bbcc223eedf8d4fcb5c94bdc071c71c2444158a7f'
- 'd99f47642d325398873346e25ecb646c387e358e25b05128fa333cc7721a7388'
'df764fbd876947dea973017f95371e53833bf878458140b09f0b70d900235676'
'c5e4f3836130c6885e9273c21f057263eba53f4b7c0e2f111f6e5f2e487a47ad')
@@ -89,11 +83,6 @@
prepare() {
cd "${srcdir}/grub-${_pkgver}/"
- msg "Patch to fix CVE-2015-8370"
- # CVE-2015-8370
- patch -Np1 -i "${srcdir}/0001-Fix-security-issue-when-reading-username-and-passwor.patch"
- echo
-
msg "Patch to load Intel microcode"
patch -Np1 -i "${srcdir}/0002-intel-ucode.patch"
echo
@@ -107,14 +96,6 @@
patch -Np1 -i "${srcdir}/0004-add-GRUB_COLOR_variables.patch"
echo
- msg "Patch to fix grouping of tests for GRUB_DEVICE"
- patch -Np1 -i "${srcdir}/0005-10_linux-fix-grouping-of-tests.patch"
- echo
-
- msg "Patch to properly terminate filepath with NULL in chainloader"
- patch -Np1 -i "${srcdir}/0006-efi-properly-terminate-filepath-with-NULL-in-chainloader.patch"
- echo
-
msg "Fix DejaVuSans.ttf location so that grub-mkfont can create *.pf2 files for starfield theme"
sed 's|/usr/share/fonts/dejavu|/usr/share/fonts/dejavu /usr/share/fonts/TTF|g' -i "${srcdir}/grub-${_pkgver}/configure.ac"
More information about the arch-commits
mailing list