grub: upgrade 2.04 -> 2.06~rc1

2.06 RC1 release have a number of CVEs fixed: CVE-2020-15705 CVE-2021-3418 CVE-2020-27749 CVE-2021-20233 CVE-2021-20225 CVE-2020-25647 CVE-2020-25632 CVE-2020-27779 CVE-2020-14372 CVE-2020-15707 CVE-2020-15706 CVE-2020-14309 CVE-2020-14310 CVE-2020-14311 CVE-2020-14308 CVE-2020-10713 CVE-2014-4607 Dropped backported patches. (From OE-Core rev: 36a59d63619c2225fe48aa1d8fb1cdabedfffc03) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
author: Naveen Saini <naveen.kumar.saini@intel.com> 2021-03-19 15:14:33 +0800
committer: Richard Purdie <richard.purdie@linuxfoundation.org> 2021-03-20 18:54:56 +0000
commit: da9b0583de455b48b91d2afe73200dcc0d778da3 (patch)
tree: 27bc885f4749712e2514924f195bc86cee41096e /meta/recipes-bsp/grub/grub2.inc
parent: 9825a860eef8b6003c917969805cc2975ffeb3dc (diff)
download: poky-da9b0583de455b48b91d2afe73200dcc0d778da3.tar.gz
1 files changed, 11 insertions, 13 deletions
diff --git a/meta/recipes-bsp/grub/grub2.inc b/meta/recipes-bsp/grub/grub2.inc
index f870d41f6a..bcff676c26 100644
--- a/meta/recipes-bsp/grub/grub2.inc
+++ b/meta/recipes-bsp/grub/grub2.inc
@@ -13,25 +13,23 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=d32239bcb673463ab874e80d47fae504"
 CVE_PRODUCT = "grub2"
-SRC_URI = "${GNU_MIRROR}/grub/grub-${PV}.tar.gz \
+SRC_URI = "https://alpha.gnu.org/gnu/grub/grub-${REALPV}.tar.xz \
           file://0001-Disable-mfpmath-sse-as-well-when-SSE-is-disabled.patch \
           file://autogen.sh-exclude-pc.patch \
           file://grub-module-explicitly-keeps-symbole-.module_license.patch \
           file://0001-grub.d-10_linux.in-add-oe-s-kernel-name.patch \
-           file://CVE-2020-10713.patch \
-           file://calloc-Make-sure-we-always-have-an-overflow-checking.patch \
-           file://lvm-Add-LVM-cache-logical-volume-handling.patch \
-           file://CVE-2020-14308-calloc-Use-calloc-at-most-places.patch \
-           file://safemath-Add-some-arithmetic-primitives-that-check-f.patch \
-           file://CVE-2020-14309-CVE-2020-14310-CVE-2020-14311-malloc-Use-overflow-checking-primitives-where-we-do-.patch \
-           file://script-Remove-unused-fields-from-grub_script_functio.patch \
-           file://CVE-2020-15706-script-Avoid-a-use-after-free-when-redefining-a-func.patch \
-           file://CVE-2020-15707-linux-Fix-integer-overflows-in-initrd-size-handling.patch \
-           file://6643507ce30f775008e093580f0c9499dfb2c485.patch \
           file://determinism.patch \
 "
-SRC_URI[md5sum] = "5ce674ca6b2612d8939b9e6abed32934"
-SRC_URI[sha256sum] = "f10c85ae3e204dbaec39ae22fa3c5e99f0665417e91c2cb49b7e5031658ba6ea"
+SRC_URI[sha256sum] = "2c87f1f21e2ab50043e6cd9163c08f1b6c3a6171556bf23ff9ed65b074145484"
+REALPV = "2.06~rc1"
+PV = "2.04+${REALPV}"
+S = "${WORKDIR}/grub-${REALPV}"
+UPSTREAM_CHECK_URI = "${GNU_MIRROR}/grub"
+UPSTREAM_CHECK_REGEX = "grub-(?P<pver>\d+(\.\d+)+)\.tar\.(gz|xz)"
 DEPENDS = "flex-native bison-native gettext-native"
author	Naveen Saini <naveen.kumar.saini@intel.com>	2021-03-19 15:14:33 +0800
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2021-03-20 18:54:56 +0000
commit	da9b0583de455b48b91d2afe73200dcc0d778da3 (patch)
tree	27bc885f4749712e2514924f195bc86cee41096e /meta/recipes-bsp/grub/grub2.inc
parent	9825a860eef8b6003c917969805cc2975ffeb3dc (diff)
download	poky-da9b0583de455b48b91d2afe73200dcc0d778da3.tar.gz

diff --git a/meta/recipes-bsp/grub/grub2.inc b/meta/recipes-bsp/grub/grub2.inc index f870d41f6a..bcff676c26 100644 --- a/meta/recipes-bsp/grub/grub2.inc +++ b/meta/recipes-bsp/grub/grub2.inc
@@ -13,25 +13,23 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=d32239bcb673463ab874e80d47fae504"
13		13
14	CVE_PRODUCT = "grub2"	14	CVE_PRODUCT = "grub2"
15		15
16	SRC_URI = "${GNU_MIRROR}/grub/grub-${PV}.tar.gz \	16	SRC_URI = "https://alpha.gnu.org/gnu/grub/grub-${REALPV}.tar.xz \
17	file://0001-Disable-mfpmath-sse-as-well-when-SSE-is-disabled.patch \	17	file://0001-Disable-mfpmath-sse-as-well-when-SSE-is-disabled.patch \
18	file://autogen.sh-exclude-pc.patch \	18	file://autogen.sh-exclude-pc.patch \
19	file://grub-module-explicitly-keeps-symbole-.module_license.patch \	19	file://grub-module-explicitly-keeps-symbole-.module_license.patch \
20	file://0001-grub.d-10_linux.in-add-oe-s-kernel-name.patch \	20	file://0001-grub.d-10_linux.in-add-oe-s-kernel-name.patch \
21	file://CVE-2020-10713.patch \
22	file://calloc-Make-sure-we-always-have-an-overflow-checking.patch \
23	file://lvm-Add-LVM-cache-logical-volume-handling.patch \
24	file://CVE-2020-14308-calloc-Use-calloc-at-most-places.patch \
25	file://safemath-Add-some-arithmetic-primitives-that-check-f.patch \
26	file://CVE-2020-14309-CVE-2020-14310-CVE-2020-14311-malloc-Use-overflow-checking-primitives-where-we-do-.patch \
27	file://script-Remove-unused-fields-from-grub_script_functio.patch \
28	file://CVE-2020-15706-script-Avoid-a-use-after-free-when-redefining-a-func.patch \
29	file://CVE-2020-15707-linux-Fix-integer-overflows-in-initrd-size-handling.patch \
30	file://6643507ce30f775008e093580f0c9499dfb2c485.patch \
31	file://determinism.patch \	21	file://determinism.patch \
32	"	22	"
33	SRC_URI[md5sum] = "5ce674ca6b2612d8939b9e6abed32934"	23
34	SRC_URI[sha256sum] = "f10c85ae3e204dbaec39ae22fa3c5e99f0665417e91c2cb49b7e5031658ba6ea"	24	SRC_URI[sha256sum] = "2c87f1f21e2ab50043e6cd9163c08f1b6c3a6171556bf23ff9ed65b074145484"
		25
		26	REALPV = "2.06~rc1"
		27	PV = "2.04+${REALPV}"
		28
		29	S = "${WORKDIR}/grub-${REALPV}"
		30
		31	UPSTREAM_CHECK_URI = "${GNU_MIRROR}/grub"
		32	UPSTREAM_CHECK_REGEX = "grub-(?P<pver>\d+(\.\d+)+)\.tar\.(gz\|xz)"
35		33
36	DEPENDS = "flex-native bison-native gettext-native"	34	DEPENDS = "flex-native bison-native gettext-native"
37		35