###############################################################################
# #
# IPFire.org - A linux based firewall #
-# Copyright (C) 2007-2014 IPFire Team <info@ipfire.org> #
+# Copyright (C) 2007-2015 IPFire Team <info@ipfire.org> #
# #
# This program is free software: you can redistribute it and/or modify #
# it under the terms of the GNU General Public License as published by #
@$(PREBUILD)
@rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar axf $(DIR_DL)/$(DL_FILE)
cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/grub-2.00_disable_vga_fallback.patch
+ cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/0001-Fix-CVE-2015-8370-Grub2-user-pass-vulnerability.patch
+ cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/grub2-remove-gets.patch
+ cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/grub-2.00_ignore_missing_symtab.patch
cd $(DIR_APP) && \
./configure \
--prefix=/usr \
install -m 644 $(DIR_SRC)/config/grub2/default /etc/default/grub
# Disable hardening.
- paxctl -mpes /usr/sbin/grub-bios-setup /usr/sbin/grub-probe
+ paxctl -Cmpes /usr/sbin/grub-bios-setup /usr/sbin/grub-probe
+ paxctl -Cmpexs /usr/bin/grub-script-check
# We don't need to install unifont just to generate a grub2 compatible
# font archive for the graphical boot menu. The following command only
projects / people / pmueller / ipfire-2.x.git / blobdiff