summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAndré Fabian Silva Delgado <emulatorman@parabola.nu>2017-02-05 20:54:35 -0300
committerAndré Fabian Silva Delgado <emulatorman@parabola.nu>2017-02-05 22:24:22 -0300
commitfabcd1879cdfaac762a307a26bdee4bfef3876f9 (patch)
treec1916ca546f3eb2d3962d8657b4eb726c8f26923
parent59b2db03d1ded22f236c5ee6f01bb0c9e86877e5 (diff)
downloadabslibre-fabcd1879cdfaac762a307a26bdee4bfef3876f9.tar.gz
abslibre-fabcd1879cdfaac762a307a26bdee4bfef3876f9.tar.bz2
abslibre-fabcd1879cdfaac762a307a26bdee4bfef3876f9.zip
grub-1:2.02.rc1-1.parabola1: updating version
-rw-r--r--libre/grub/0001-Fix-security-issue-when-reading-username-and-passwor.patch47
-rw-r--r--libre/grub/0005-10_linux-fix-grouping-of-tests.patch22
-rw-r--r--libre/grub/0006-efi-properly-terminate-filepath-with-NULL-in-chainloader.patch44
-rw-r--r--libre/grub/PKGBUILD52
4 files changed, 18 insertions, 147 deletions
diff --git a/libre/grub/0001-Fix-security-issue-when-reading-username-and-passwor.patch b/libre/grub/0001-Fix-security-issue-when-reading-username-and-passwor.patch
deleted file mode 100644
index aa07f2ffc..000000000
--- a/libre/grub/0001-Fix-security-issue-when-reading-username-and-passwor.patch
+++ /dev/null
@@ -1,47 +0,0 @@
-From e16eeda1200deabd0d3a4af968d526d62845a85f Mon Sep 17 00:00:00 2001
-From: Hector Marco-Gisbert <hecmargi@upv.es>
-Date: Fri, 13 Nov 2015 16:21:09 +0100
-Subject: [PATCH] Fix security issue when reading username and password
-
- This patch fixes two integer underflows at:
- * grub-core/lib/crypto.c
- * grub-core/normal/auth.c
-
-Resolves: CVE-2015-8370
-
-Signed-off-by: Hector Marco-Gisbert <hecmargi@upv.es>
-Signed-off-by: Ismael Ripoll-Ripoll <iripoll@disca.upv.es>
----
- grub-core/lib/crypto.c | 2 +-
- grub-core/normal/auth.c | 2 +-
- 2 files changed, 2 insertions(+), 2 deletions(-)
-
-diff --git a/grub-core/lib/crypto.c b/grub-core/lib/crypto.c
-index 010e550..524a3d8 100644
---- a/grub-core/lib/crypto.c
-+++ b/grub-core/lib/crypto.c
-@@ -468,7 +468,7 @@ grub_password_get (char buf[], unsigned buf_size)
- break;
- }
-
-- if (key == '\b')
-+ if (key == '\b' && cur_len)
- {
- cur_len--;
- continue;
-diff --git a/grub-core/normal/auth.c b/grub-core/normal/auth.c
-index c6bd96e..5782ec5 100644
---- a/grub-core/normal/auth.c
-+++ b/grub-core/normal/auth.c
-@@ -172,7 +172,7 @@ grub_username_get (char buf[], unsigned buf_size)
- break;
- }
-
-- if (key == '\b')
-+ if (key == '\b' && cur_len)
- {
- cur_len--;
- grub_printf ("\b");
---
-2.6.4
-
diff --git a/libre/grub/0005-10_linux-fix-grouping-of-tests.patch b/libre/grub/0005-10_linux-fix-grouping-of-tests.patch
deleted file mode 100644
index a57b1ecf8..000000000
--- a/libre/grub/0005-10_linux-fix-grouping-of-tests.patch
+++ /dev/null
@@ -1,22 +0,0 @@
-commit 082bc9f77b200eb48a5f1147163dea9c9d02d44c
-Author: Mike Gilbert <floppym@gentoo.org>
-Date: Sat Mar 5 17:30:48 2016 -0500
-
- 10_linux: Fix grouping of tests for GRUB_DEVICE
-
- Commit 7290bb562 causes GRUB_DISABLE_LINUX_UUID to be ignored due to
- mixing of || and && operators. Add some parens to help with that.
-
-diff --git a/util/grub.d/10_linux.in b/util/grub.d/10_linux.in
-index 5a78513..de9044c 100644
---- a/util/grub.d/10_linux.in
-+++ b/util/grub.d/10_linux.in
-@@ -47,7 +47,7 @@ esac
- # and mounting btrfs requires user space scanning, so force UUID in this case.
- if [ "x${GRUB_DEVICE_UUID}" = "x" ] || [ "x${GRUB_DISABLE_LINUX_UUID}" = "xtrue" ] \
- || ! test -e "/dev/disk/by-uuid/${GRUB_DEVICE_UUID}" \
-- || test -e "${GRUB_DEVICE}" && uses_abstraction "${GRUB_DEVICE}" lvm; then
-+ || ( test -e "${GRUB_DEVICE}" && uses_abstraction "${GRUB_DEVICE}" lvm ); then
- LINUX_ROOT_DEVICE=${GRUB_DEVICE}
- else
- LINUX_ROOT_DEVICE=UUID=${GRUB_DEVICE_UUID}
diff --git a/libre/grub/0006-efi-properly-terminate-filepath-with-NULL-in-chainloader.patch b/libre/grub/0006-efi-properly-terminate-filepath-with-NULL-in-chainloader.patch
deleted file mode 100644
index b79610724..000000000
--- a/libre/grub/0006-efi-properly-terminate-filepath-with-NULL-in-chainloader.patch
+++ /dev/null
@@ -1,44 +0,0 @@
-From ce95549cc54b5d6f494608a7c390dba3aab4fba7 Mon Sep 17 00:00:00 2001
-From: Andrei Borzenkov <arvidjaar@gmail.com>
-Date: Thu, 15 Dec 2016 16:07:00 +0300
-Subject: efi: properly terminate filepath with NULL in chainloader
-
-EFI File Path Media Device Path is defined as NULL terminated string;
-but chainloader built file paths without final NULL. This caused error
-with Secure Boot and Linux Foundation PreLoader on Acer with InsydeH20 BIOS.
-Apparently firmware failed verification with EFI_INVALID_PARAMETER which is
-considered fatal error by PreLoader.
-
-Reported and tested by Giovanni Santini <itachi.sama.amaterasu@gmail.com>
----
- grub-core/loader/efi/chainloader.c | 6 +++++-
- 1 file changed, 5 insertions(+), 1 deletion(-)
-
-diff --git a/grub-core/loader/efi/chainloader.c b/grub-core/loader/efi/chainloader.c
-index 522a716..adc8563 100644
---- a/grub-core/loader/efi/chainloader.c
-+++ b/grub-core/loader/efi/chainloader.c
-@@ -122,6 +122,8 @@ copy_file_path (grub_efi_file_path_device_path_t *fp,
- if (*p == '/')
- *p = '\\';
-
-+ /* File Path is NULL terminated */
-+ fp->path_name[size++] = '\0';
- fp->header.length = size * sizeof (grub_efi_char16_t) + sizeof (*fp);
- }
-
-@@ -156,8 +158,10 @@ make_file_path (grub_efi_device_path_t *dp, const char *filename)
- d = GRUB_EFI_NEXT_DEVICE_PATH (d);
- }
-
-+ /* File Path is NULL terminated. Allocate space for 2 extra characters */
-+ /* FIXME why we split path in two components? */
- file_path = grub_malloc (size
-- + ((grub_strlen (dir_start) + 1)
-+ + ((grub_strlen (dir_start) + 2)
- * GRUB_MAX_UTF16_PER_UTF8
- * sizeof (grub_efi_char16_t))
- + sizeof (grub_efi_file_path_device_path_t) * 2);
---
-cgit v1.0
-
diff --git a/libre/grub/PKGBUILD b/libre/grub/PKGBUILD
index ba993a8b4..fd0de287d 100644
--- a/libre/grub/PKGBUILD
+++ b/libre/grub/PKGBUILD
@@ -17,7 +17,7 @@ _IA32_XEN_IN_ARCH_X64='1'
_GRUB_EMU_BUILD='0'
_pkgver='2.02'
-_GRUB_GIT_TAG='grub-2.02-beta3'
+_GRUB_GIT_TAG='2.02-rc1'
_GRUB_EXTRAS_COMMIT=f2a079441939eee7251bf141986cdd78946e1d20
_UNIFONT_VER='9.0.06'
@@ -37,8 +37,8 @@ pkgname=('grub')
[[ $CARCH = armv7h ]] && pkgname+=('grub-am335x_bone' 'grub-udoo' 'grub-omap3_beagle'
'grub-omap3_beagle_xm' 'grub-omap3_beagle_xm_ab')
pkgdesc='GNU GRand Unified Bootloader (2), (Parabola rebranded)'
-pkgver='2.02.beta3'
-pkgrel='6.parabola1'
+pkgver='2.02.rc1'
+pkgrel='1.parabola1'
epoch='1'
url='https://www.gnu.org/software/grub/'
arch=('x86_64' 'i686' 'armv7h')
@@ -73,13 +73,10 @@ fi
source=("grub-${_pkgver}::git+git://git.sv.gnu.org/grub.git#tag=${_GRUB_GIT_TAG}"
"grub-extras::git+git://git.sv.gnu.org/grub-extras.git#commit=${_GRUB_EXTRAS_COMMIT}"
- "http://ftp.gnu.org/gnu/unifont/unifont-${_UNIFONT_VER}/unifont-${_UNIFONT_VER}.bdf.gz"
- "http://ftp.gnu.org/gnu/unifont/unifont-${_UNIFONT_VER}/unifont-${_UNIFONT_VER}.bdf.gz.sig"
- '0001-Fix-security-issue-when-reading-username-and-passwor.patch'
+ "https://ftp.gnu.org/gnu/unifont/unifont-${_UNIFONT_VER}/unifont-${_UNIFONT_VER}.bdf.gz"
+ "https://ftp.gnu.org/gnu/unifont/unifont-${_UNIFONT_VER}/unifont-${_UNIFONT_VER}.bdf.gz.sig"
'0003-10_linux-20_linux_xen-detect-parabola-initramfs.patch'
'0004-add-GRUB_COLOR_variables.patch'
- '0005-10_linux-fix-grouping-of-tests.patch'
- '0006-efi-properly-terminate-filepath-with-NULL-in-chainloader.patch'
'grub.default'
'0003-10_linux-20_linux_xen-detect-am335x_bone+am335x_boneblack-devicetree-file.patch'
'0003-10_linux-20_linux_xen-detect-omap3_beagle-devicetree-file.patch'
@@ -88,22 +85,19 @@ source=("grub-${_pkgver}::git+git://git.sv.gnu.org/grub.git#tag=${_GRUB_GIT_TAG}
'0003-10_linux-20_linux_xen-detect-udoo-devicetree-file.patch'
'0003-10_linux-20_linux_xen-rebrand-free-distros.patch')
-md5sums=('SKIP'
- 'SKIP'
- 'd849b5922485692d26bb1cb239259274'
- 'SKIP'
- '9589ec46a04f9bb4d5da987340a4a324'
- '3a9bb9bafe0062388e11f72f0e80ba7e'
- 'e506ae4a9f9f7d1b765febfa84e10d48'
- 'f1999315bbd25b4b9359919ce9b36144'
- 'a248d3f53f1fc38cfd7e49b99a559b43'
- '8d1dd54ae4a1b550c097e056892ce953'
- 'a46695e19b588a53b8bac9e3b3c56096'
- '803f5b5f56ba6d74ca84aea67659116e'
- 'b2c20ce3aa7944636b3ea499b40f2160'
- '7e3245bdd30e291f44ab8a00b8a38f3e'
- '95b721dfe74f42df52b7ae94e0e7c067'
- 'e0133ad89ab3014210d4599f396a556e')
+sha512sums=('SKIP'
+ 'SKIP'
+ 'dac2becc7fa76847231ce30a4b9e22fc9d45fb50846fc7f25611c5c2cbedc31e7745d9295bab3eb7a01efad4f1f2f1161c98efa60048e756421075220817f4b8'
+ 'SKIP'
+ '3529ab4d08a4165e081c49dfc1cf40079ad9a1b9dd7ab6d39147fc347cb6aa615fd90292ecd5ecbfb543bf444bef27043a2392029d0210f9b4a6369365d3da1b'
+ '0ae2f50a397268ea0ff46faa180e699ba956acaa68504d9dde7c33ab194430df57c2e2e5f9fe30b6c31e7806666faad4b274747ba151035e338bcaab3d875c3e'
+ '96e49cf3d783f5c8caffd60ea6e72112a12854519dc89a18938f372f7413b3fe99339ed8ad9d660ba457e67436cf7c444dc852455b90efa5546729180b88c3a8'
+ '04262a4a95fa58967e147e39ea71b08cc99aa32a1f0357c46292743f3ea8c05a6ff6fcfc3516a9b61a2a3050781017ed2cabf53fc327b39f7e957d0ddf778165'
+ 'a406ec5a83d1c03dadc1444d91f1b5e682bc74562dcf6e455009d043015dc2316509517f61c76e2ffec4dce5d03702ae47f2dd9b25671a4d7889e2744b090631'
+ '46fb2eeb2856bbdda8e115fc9beb61744e3a0bc9a178ec5d01c36a429691ca2362925382eca3144f2ee2438e69e508043d8f2445a6bef79e63e455fb08293426'
+ '55fb8ea488bb0936a4830eab943cdde986f351796cea259403fa947605c9d39526e0aec987da118cc6cf4c3bbe2a56326a218fbb0709ee7717a62a36a3d31697'
+ '378635a2a8a685f4efd300f19d7f2192dc664fd16811953520e0d49d90a5af377fa0dc45e0d2abc0d9f6750cd4cf885d6ef54445f7e8d3ed0025f2d087351bfc'
+ 'eced721bab4256b9afb322cda7b599ac1cae9dfe2effd1d86569bd3bef056cab80783da25181e627abc2422f4048200ae8b46c7dfe5df4441a55ae00434cd172')
validpgpkeys=('95D2E9AB8740D8046387FD151A09227B1F435A33') #Paul Hardy
@@ -115,10 +109,6 @@ _pkgver() {
prepare() {
cd "${srcdir}/grub-${_pkgver}/"
- msg 'Patch to fix CVE-2015-8370'
- # CVE-2015-8370
- patch -Np1 -i "${srcdir}/0001-Fix-security-issue-when-reading-username-and-passwor.patch"
-
msg 'Patch to detect of Parabola GNU/Linux-libre initramfs images by grub-mkconfig'
patch -Np1 -i "${srcdir}/0003-10_linux-20_linux_xen-detect-parabola-initramfs.patch"
@@ -126,12 +116,6 @@ prepare() {
## Based on http://lists.gnu.org/archive/html/grub-devel/2012-02/msg00021.html
patch -Np1 -i "${srcdir}/0004-add-GRUB_COLOR_variables.patch"
- msg 'Patch to fix grouping of tests for GRUB_DEVICE'
- patch -Np1 -i "${srcdir}/0005-10_linux-fix-grouping-of-tests.patch"
-
- msg "Patch to properly terminate filepath with NULL in chainloader"
- patch -Np1 -i "${srcdir}/0006-efi-properly-terminate-filepath-with-NULL-in-chainloader.patch"
-
msg 'Fix DejaVuSans.ttf location so that grub-mkfont can create *.pf2 files for starfield theme'
sed 's|/usr/share/fonts/dejavu|/usr/share/fonts/dejavu /usr/share/fonts/TTF|g' -i "${srcdir}/grub-${_pkgver}/configure.ac"