grub: update to 2.02

Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
2026-04-09 18:45:54 +02:00 · 2018-04-17 06:10:06 +02:00
parent cd99c47371
commit 20406699e3
8 changed files with 1167 additions and 1034 deletions
--- a/config/rootfiles/common/i586/grub
+++ b/config/rootfiles/common/i586/grub
--- a/config/rootfiles/common/x86_64/grub
+++ b/config/rootfiles/common/x86_64/grub
--- a/lfs/grub
+++ b/lfs/grub
@@ -1,7 +1,7 @@
 ###############################################################################
 #                                                                             #
 # IPFire.org - A linux based firewall                                         #
-# Copyright (C) 2007-2015  IPFire Team  <info@ipfire.org>                     #
+# Copyright (C) 2007-2018  IPFire Team  <info@ipfire.org>                     #
 #                                                                             #
 # This program is free software: you can redistribute it and/or modify        #
 # it under the terms of the GNU General Public License as published by        #
@@ -24,7 +24,7 @@

 include Config

-VER        = 2.00
+VER        = 2.02

 THISAPP    = grub-$(VER)
 DL_FILE    = $(THISAPP).tar.xz
@@ -46,7 +46,7 @@ objects = $(DL_FILE) \
 $(DL_FILE) = $(DL_FROM)/$(DL_FILE)
 unifont-7.0.03.pcf.gz = $(DL_FROM)/unifont-7.0.03.pcf.gz

-$(DL_FILE)_MD5 = a1043102fbc7bcedbf53e7ee3d17ab91
+$(DL_FILE)_MD5 = 8a4a2a95aac551fb0fba860ceabfa1d3
 unifont-7.0.03.pcf.gz_MD5 = f6903ac8c1caeeb30c1e9a2975028401

 install : $(TARGET)
@@ -77,10 +77,9 @@ $(subst %,%_MD5,$(objects)) :
 $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
 	@$(PREBUILD)
 	@rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar axf $(DIR_DL)/$(DL_FILE)
-	cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/grub-2.00_disable_vga_fallback.patch
-	cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/0001-Fix-CVE-2015-8370-Grub2-user-pass-vulnerability.patch
-	cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/grub2-remove-gets.patch
-	cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/grub-2.00_ignore_missing_symtab.patch
+
+	cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/grub-2.02_disable_vga_fallback.patch
+
 	cd $(DIR_APP) && \
 		./configure \
 			--prefix=/usr \
--- a/src/patches/0001-Fix-CVE-2015-8370-Grub2-user-pass-vulnerability.patch
+++ b/src/patches/0001-Fix-CVE-2015-8370-Grub2-user-pass-vulnerability.patch
@@ -1,45 +0,0 @@
-From 88c9657960a6c5d3673a25c266781e876c181add Mon Sep 17 00:00:00 2001
-From: Hector Marco-Gisbert <hecmargi@upv.es>
-Date: Fri, 13 Nov 2015 16:21:09 +0100
-Subject: [PATCH] Fix security issue when reading username and password
-
-  This patch fixes two integer underflows at:
-    * grub-core/lib/crypto.c
-    * grub-core/normal/auth.c
-
-Signed-off-by: Hector Marco-Gisbert <hecmargi@upv.es>
-Signed-off-by: Ismael Ripoll-Ripoll <iripoll@disca.upv.es>
---
- grub-core/lib/crypto.c  | 2 +-
- grub-core/normal/auth.c | 2 +-
- 2 files changed, 2 insertions(+), 2 deletions(-)
-
-diff --git a/grub-core/lib/crypto.c b/grub-core/lib/crypto.c
-index 010e550..524a3d8 100644
--- a/grub-core/lib/crypto.c
-+++ b/grub-core/lib/crypto.c
-@@ -456,7 +456,7 @@ grub_password_get (char buf[], unsigned buf_size)
- 	  break;
- 	}
- 
-      if (key == '\b')
-+      if (key == '\b' && cur_len)
- 	{
- 	  cur_len--;
- 	  continue;
-diff --git a/grub-core/normal/auth.c b/grub-core/normal/auth.c
-index c6bd96e..5782ec5 100644
--- a/grub-core/normal/auth.c
-+++ b/grub-core/normal/auth.c
-@@ -172,7 +172,7 @@ grub_username_get (char buf[], unsigned buf_size)
- 	  break;
- 	}
- 
-      if (key == '\b')
-+      if (key == '\b' && cur_len)
- 	{
- 	  cur_len--;
- 	  grub_printf ("\b");
-- 
-1.9.1
-
--- a/src/patches/grub-2.00_disable_vga_fallback.patch
+++ b/src/patches/grub-2.00_disable_vga_fallback.patch
@@ -1,15 +0,0 @@
-We have to remove the vga fallback because this not work on bay-trail and other
-new intel onboard graphics.
-
-diff -Naur grub-2.00.org/grub-core/video/i386/pc/vga.c grub-2.00/grub-core/video/i386/pc/vga.c
--- grub-2.00.org/grub-core/video/i386/pc/vga.c	2012-06-06 23:21:02.000000000 +0200
-+++ grub-2.00/grub-core/video/i386/pc/vga.c	2014-09-05 21:41:04.790870375 +0200
-@@ -122,7 +122,7 @@
- {
-   grub_err_t err;
- 
-  if ((width && width != VGA_WIDTH) || (height && height != VGA_HEIGHT))
-+//  if ((width && width != VGA_WIDTH) || (height && height != VGA_HEIGHT))
-     return grub_error (GRUB_ERR_UNKNOWN_DEVICE, "no matching mode found");
- 
-   framebuffer.temporary_buffer = grub_malloc (VGA_HEIGHT * VGA_WIDTH);
--- a/src/patches/grub-2.00_ignore_missing_symtab.patch
+++ b/src/patches/grub-2.00_ignore_missing_symtab.patch
@@ -1,40 +0,0 @@
-diff -Naur grub-2.00.org/grub-core/kern/dl.c grub-2.00/grub-core/kern/dl.c
--- grub-2.00.org/grub-core/kern/dl.c	2012-06-22 17:26:38.000000000 +0200
-+++ grub-2.00/grub-core/kern/dl.c	2017-07-05 10:45:25.501645684 +0200
-@@ -354,8 +354,11 @@
-     if (s->sh_type == SHT_SYMTAB)
-       break;
- 
-+  /* Module without symbol table may still be used to pull in dependencies.
-+     We verify at build time that such modules do not contain any relocations
-+     that may reference symbol table. */
-   if (i == e->e_shnum)
-    return grub_error (GRUB_ERR_BAD_MODULE, N_("no symbol table"));
-+     return GRUB_ERR_NONE;
- 
- #ifdef GRUB_MODULES_MACHINE_READONLY
-   mod->symtab = grub_malloc (s->sh_size);
-diff -Naur grub-2.00.org/grub-core/kern/i386/dl.c grub-2.00/grub-core/kern/i386/dl.c
--- grub-2.00.org/grub-core/kern/i386/dl.c	2012-02-26 12:14:21.000000000 +0100
-+++ grub-2.00/grub-core/kern/i386/dl.c	2017-07-05 17:01:43.333955065 +0200
-@@ -55,7 +55,7 @@
-       break;
- 
-   if (i == e->e_shnum)
-    return grub_error (GRUB_ERR_BAD_MODULE, N_("no symbol table"));
-+    return GRUB_ERR_NONE;
- 
-   entsize = s->sh_entsize;
- 
-diff -Naur grub-2.00.org/grub-core/kern/x86_64/dl.c grub-2.00/grub-core/kern/x86_64/dl.c
--- grub-2.00.org/grub-core/kern/x86_64/dl.c	2012-02-26 12:14:56.000000000 +0100
-+++ grub-2.00/grub-core/kern/x86_64/dl.c	2017-07-05 17:02:23.374574458 +0200
-@@ -55,7 +55,7 @@
-       break;
- 
-   if (i == e->e_shnum)
-    return grub_error (GRUB_ERR_BAD_MODULE, N_("no symbol table"));
-+    return GRUB_ERR_NONE;
- 
-   entsize = s->sh_entsize;
- 
--- a/src/patches/grub-2.02_disable_vga_fallback.patch
+++ b/src/patches/grub-2.02_disable_vga_fallback.patch
@@ -0,0 +1,15 @@
+We have to remove the vga fallback because this not work on bay-trail and other
+new intel onboard graphics.
+
+diff -Naur grub-2.02.org/grub-core/video/i386/pc/vga.c grub-2.02/grub-core/video/i386/pc/vga.c
+--- grub-2.02.org/grub-core/video/i386/pc/vga.c	2015-05-21 17:50:29.000000000 +0200
+++ grub-2.02/grub-core/video/i386/pc/vga.c	2018-04-15 22:24:41.686842878 +0200
+@@ -122,7 +122,7 @@
+ {
+   grub_err_t err;
+ 
+-  if ((width && width != VGA_WIDTH) || (height && height != 350 && height != 480))
+//  if ((width && width != VGA_WIDTH) || (height && height != 350 && height != 480))
+     return grub_error (GRUB_ERR_UNKNOWN_DEVICE, "no matching mode found");
+ 
+   vga_height = height ? : 480;
--- a/src/patches/grub2-remove-gets.patch
+++ b/src/patches/grub2-remove-gets.patch
@@ -1,21 +0,0 @@
-ISO C11 removes the specification of gets() from the C language, eglibc 2.16+ removed it
-
-Signed-off-by: Khem Raj <raj.khem@gmail.com>
-Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
-
-Upstream-Status: Pending
-Index: grub-1.99/grub-core/gnulib/stdio.in.h
-===================================================================
--- grub-1.99.orig/grub-core/gnulib/stdio.in.h	2010-12-01 06:45:43.000000000 -0800
-+++ grub-1.99/grub-core/gnulib/stdio.in.h	2012-07-04 12:25:02.057099107 -0700
-@@ -140,8 +140,10 @@
- /* It is very rare that the developer ever has full control of stdin,
-    so any use of gets warrants an unconditional warning.  Assume it is
-    always declared, since it is required by C89.  */
-+#if defined gets
- #undef gets
- _GL_WARN_ON_USE (gets, "gets is a security hole - use fgets instead");
-+#endif
- 
- #if @GNULIB_FOPEN@
- # if @REPLACE_FOPEN@