grub/util at f3d6090319e70e992d7f2c22b66510364d9703b7 - grub - Gitea: Git with a cup of tea.... and pages of fanfiction!

tablet/grub

History

Michael Chang 0adec29674 grub-mkconfig: Restore umask for the grub.cfg

The commit ab2e53c8a (grub-mkconfig: Honor a symlink when generating
configuration by grub-mkconfig) has inadvertently discarded umask for
creating grub.cfg in the process of running grub-mkconfig. The resulting
wrong permission (0644) would allow unprivileged users to read GRUB
configuration file content. This presents a low confidentiality risk
as grub.cfg may contain non-secured plain-text passwords.

This patch restores the missing umask and sets the creation file mode
to 0600 preventing unprivileged access.

Fixes: CVE-2021-3981

Signed-off-by: Michael Chang <mchang@suse.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>

2021-12-23 01:43:59 +01:00

..

bash-completion.d

Clean up dangling references to grub-setup.

2013-01-12 13:30:37 +00:00

templates: Filter out POSIX locale for translation

2021-11-22 15:55:06 +01:00

Merge mainline into install

2010-09-15 14:46:53 +02:00

ieee1275: Fix segfault in grub-ofpathname

2017-12-06 12:55:55 +01:00

bin2h.c

Fix handling of build-time grub-bin2h and grub-mkfont when doing

2013-08-14 10:56:55 +02:00

config.c

* util/config.c: Remove trailing newline from distributor in simple

2013-12-14 21:50:36 +01:00

editenv.c

grub-editenv: Make grub-editenv chase symlinks including those across devices

2020-02-18 15:16:02 +01:00

garbage-gen.c

* util/garbage-gen.c: Add missing include of sys/time.h.

2013-11-23 12:42:30 +01:00

getroot.c

calloc: Use calloc() at most places

2020-07-29 16:55:47 +02:00

glue-efi.c

util/glue-efi: Fix incorrect use of a possibly negative value

2021-03-02 15:54:17 +01:00

grub-editenv.c

util/grub-editenv: Fix incorrect casting of a signed value

2021-03-02 15:54:17 +01:00

grub-file.c

calloc: Use calloc() at most places

2020-07-29 16:55:47 +02:00

grub-fstest.c

util/grub-fstest: Fix resource leaks in cmd_cmp()

2021-11-02 16:39:11 +01:00

grub-gen-asciih.c

* util/grub-gen-asciih.c (add_glyph): Fix uninitialised variable.

2014-06-21 20:26:47 +02:00

grub-gen-widthspec.c

Fix build with FreeType 2.5.1

2013-11-29 12:19:36 +00:00

grub-glue-efi.c

Build fixes for argp.h with older gcc.

2013-12-21 18:08:25 +01:00

grub-install-common.c

util/grub-install-common: Fix memory leak in copy_all()

2021-11-02 16:27:00 +01:00

grub-install.c

grub-install: Add backup and restore

2021-06-01 17:20:20 +02:00

grub-kbdcomp.in

Change -v to -V for version of shell utils.

2016-02-12 15:46:05 +01:00

grub-macbless.c

Fix canonicalize_file_name clash.

2015-03-04 01:00:19 +01:00

grub-macho2img.c

* util/grub-macho2img.c: Use plain fopen rather than grub_util_fopen.

2013-11-11 22:48:43 +01:00

grub-menulst2cfg.c

Add a wrapper for fopen. On unix-like systems just pass-through. On

2013-10-13 20:36:28 +02:00

grub-mkconfig_lib.in

grub-mkconfig: If $hints is not set reduce the output into grub.cfg to just 1 line

2020-09-18 22:31:30 +02:00

grub-mkconfig.in

grub-mkconfig: Restore umask for the grub.cfg

2021-12-23 01:43:59 +01:00

grub-mkfont.c

util/grub-mkfont: Fix memory leak in write_font_pf2()

2021-11-02 16:41:09 +01:00

grub-mkimage32.c

xen_pvh: Support building a standalone image

2018-12-12 12:03:27 +01:00

grub-mkimage64.c

xen_pvh: Support building a standalone image

2018-12-12 12:03:27 +01:00

grub-mkimage.c

shim_lock: Only skip loading shim_lock verifier with explicit consent

2021-03-02 15:54:19 +01:00

grub-mkimagexx.c

util/mkimage: Fix wrong PE32+ section sizes for some arches

2021-05-10 15:18:34 +02:00

grub-mklayout.c

grub-mklayout: check subscript bounds

2016-01-09 14:13:36 +03:00

grub-mknetdir.c

grub-install: Add backup and restore

2021-06-01 17:20:20 +02:00

grub-mkpasswd-pbkdf2.c

Build fixes for argp.h with older gcc.

2013-12-21 18:08:25 +01:00

grub-mkrelpath.c

Build fixes for argp.h with older gcc.

2013-12-21 18:08:25 +01:00

grub-mkrescue.c

util/grub-mkrescue: Fix memory leak in write_part()

2021-11-02 16:38:38 +01:00

grub-mkstandalone.c

grub-install: Add backup and restore

2021-06-01 17:20:20 +02:00

grub-module-verifier32.c

Verify modules on build-time rather than failing in runtime.

2015-12-31 13:09:15 +01:00

grub-module-verifier64.c

Verify modules on build-time rather than failing in runtime.

2015-12-31 13:09:15 +01:00

grub-module-verifier.c

Support R_PPC_PLTREL24

2019-03-25 15:08:49 +01:00

grub-module-verifierXX.c

grub-module-verifier: Report the filename or modname in errors

2018-09-12 13:24:36 +02:00

grub-mount.c

Change fs functions to add fs_ prefix

2019-04-09 10:03:29 +10:00

grub-pe2elf.c

calloc: Use calloc() at most places

2020-07-29 16:55:47 +02:00

grub-probe.c

disk: Rename grub_disk_get_size() to grub_disk_native_sectors()

2020-12-12 01:19:03 +01:00

grub-reboot.in

grub-reboot: Warn when "for the next boot only" promise cannot be kept

2018-09-13 11:01:10 +02:00

grub-render-label.c

Build fixes for argp.h with older gcc.

2013-12-21 18:08:25 +01:00

grub-script-check.c

Build fixes for argp.h with older gcc.

2013-12-21 18:08:25 +01:00

grub-set-default.in

Change -v to -V for version of shell utils.

2016-02-12 15:46:05 +01:00

grub-setup.c

mbr: Warn if MBR gap is small and user uses advanced modules

2020-12-12 01:19:03 +01:00

grub-syslinux2cfg.c

Fix canonicalize_file_name clash.

2015-03-04 01:00:19 +01:00

import_gcry.py

fix Mingw W64-32 cross compile failure due to printf redefinition in libintl.h

2014-01-25 21:49:41 +04:00

import_gcrypth.sed

Import libgcrypt 1.5.3.

2013-11-07 06:35:50 +01:00

import_unicode.py

* util/import_unicode.py: Add missing brackets around string for

2012-03-10 20:47:12 +01:00

misc.c

Move file loading functions to grub-emu.

2016-01-05 21:10:27 +01:00

mkimage.c

shim_lock: Only skip loading shim_lock verifier with explicit consent

2021-03-02 15:54:19 +01:00

probe.c

Fix canonicalize_file_name clash.

2015-03-04 01:00:19 +01:00

render-label.c

Fix canonicalize_file_name clash.

2015-03-04 01:00:19 +01:00

resolve.c

util/setup: fix grub_util_path_list leak

2016-01-09 13:55:18 +03:00

setup_bios.c

Split grub-setup.c into frontend (grub-setup.c) and backend (setup.c)

2013-10-15 16:16:04 +02:00

setup_sparc.c

Split grub-setup.c into frontend (grub-setup.c) and backend (setup.c)

2013-10-15 16:16:04 +02:00

setup.c

mbr: Warn if MBR gap is small and user uses advanced modules

2020-12-12 01:19:03 +01:00

spkmodem-recv.c

Improve spkmomdem reliability by adding a separator between bytes.

2013-01-21 14:55:30 +01:00