PKG_NAME:=grub
PKG_CPE_ID:=cpe:/a:gnu:grub2
-PKG_VERSION:=2.06~rc1
+PKG_VERSION:=2.06
PKG_RELEASE:=$(AUTORELEASE)
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
-PKG_SOURCE_URL:=https://alpha.gnu.org/gnu/grub
-PKG_HASH:=2c87f1f21e2ab50043e6cd9163c08f1b6c3a6171556bf23ff9ed65b074145484
+PKG_SOURCE_URL:=@GNU/grub
+PKG_HASH:=b79ea44af91b93d17cd3fe80bdae6ed43770678a9a5ae192ccea803ebb657ee1
HOST_BUILD_PARALLEL:=1
PKG_BUILD_DEPENDS:=grub2/host
--- a/util/grub-install.c
+++ b/util/grub-install.c
-@@ -1720,7 +1720,7 @@ main (int argc, char *argv[])
- /* Now perform the installation. */
+@@ -1721,7 +1721,7 @@ main (int argc, char *argv[])
if (install_bootsector)
- grub_util_bios_setup (platdir, "boot.img", "core.img",
-- install_drive, force,
-+ NULL, install_drive, force,
- fs_probe, allow_floppy, add_rs_codes,
- !grub_install_is_short_mbrgap_supported ());
- break;
-@@ -1747,7 +1747,7 @@ main (int argc, char *argv[])
- /* Now perform the installation. */
+ {
+ grub_util_bios_setup (platdir, "boot.img", "core.img",
+- install_drive, force,
++ NULL, install_drive, force,
+ fs_probe, allow_floppy, add_rs_codes,
+ !grub_install_is_short_mbrgap_supported ());
+
+@@ -1752,7 +1752,7 @@ main (int argc, char *argv[])
if (install_bootsector)
- grub_util_sparc_setup (platdir, "boot.img", "core.img",
-- install_drive, force,
-+ NULL, install_drive, force,
- fs_probe, allow_floppy,
- 0 /* unused */, 0 /* unused */ );
- break;
+ {
+ grub_util_sparc_setup (platdir, "boot.img", "core.img",
+- install_drive, force,
++ NULL, install_drive, force,
+ fs_probe, allow_floppy,
+ 0 /* unused */, 0 /* unused */ );
+
--- a/util/grub-setup.c
+++ b/util/grub-setup.c
@@ -87,6 +87,8 @@ static struct argp_option options[] = {
+++ /dev/null
-From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
-From: Hector Marco-Gisbert <hecmargi@upv.es>
-Date: Fri, 13 Nov 2015 16:21:09 +0100
-Subject: [PATCH] Fix security issue when reading username and password
-
- This patch fixes two integer underflows at:
- * grub-core/lib/crypto.c
- * grub-core/normal/auth.c
-
-Resolves: CVE-2015-8370
-
-Signed-off-by: Hector Marco-Gisbert <hecmargi@upv.es>
-Signed-off-by: Ismael Ripoll-Ripoll <iripoll@disca.upv.es>
----
- grub-core/lib/crypto.c | 2 +-
- grub-core/normal/auth.c | 2 +-
- 2 files changed, 2 insertions(+), 2 deletions(-)
-
---- a/grub-core/lib/crypto.c
-+++ b/grub-core/lib/crypto.c
-@@ -468,7 +468,7 @@ grub_password_get (char buf[], unsigned
- break;
- }
-
-- if (key == '\b')
-+ if (key == '\b' && cur_len)
- {
- if (cur_len)
- cur_len--;
---- a/grub-core/normal/auth.c
-+++ b/grub-core/normal/auth.c
-@@ -172,7 +172,7 @@ grub_username_get (char buf[], unsigned
- break;
- }
-
-- if (key == GRUB_TERM_BACKSPACE)
-+ if (key == GRUB_TERM_BACKSPACE && cur_len)
- {
- if (cur_len)
- {
projects / openwrt / staging / mkresin.git / commitdiff