diff --git a/grub2.spec b/grub2.spec index 1cdadba..51c0c89 100644 --- a/grub2.spec +++ b/grub2.spec @@ -17,7 +17,7 @@ Name: grub2 Epoch: 1 Version: 2.06 -Release: 130%{?dist} +Release: 131%{?dist} Summary: Bootloader with support for Linux, Multiboot and more License: GPL-3.0-or-later URL: http://www.gnu.org/software/grub/ @@ -376,6 +376,8 @@ fi if test ! -f ${GRUB_HOME}/grub.cfg; then # there's no config in GRUB_HOME, create one grub2-mkconfig -o ${GRUB_HOME}/grub.cfg + cp -a ${EFI_HOME}/grub.cfg ${EFI_HOME}/grub.cfg.rpmsave + cp -a ${EFI_HOME}/grub.cfg ${GRUB_HOME}/ else # otherwise just check mode is correct, if not, fix it GRUB_CFG_MODE=$(stat --format="%a" ${GRUB_HOME}/grub.cfg) @@ -386,7 +388,7 @@ fi # make sure ${EFI_HOME}/grub.cfg is present before grepping it if test -f ${EFI_HOME}/grub.cfg; then - if ((grep -q "configfile" ${EFI_HOME}/grub.cfg || grep -q "source" ${EFI_HOME}/grub.cfg) && ! grep -q "# It is automatically generated by grub2-mkconfig using templates" ${EFI_HOME}/grub.cfg); then + if grep -q "configfile" ${EFI_HOME}/grub.cfg && grep -q "root-dev-only" ${EFI_HOME}/grub.cfg; then exit 0 #Already unified fi fi @@ -407,8 +409,6 @@ if test -f ${EFI_HOME}/grubenv; then mv --force ${EFI_HOME}/grubenv ${GRUB_HOME}/grubenv fi -cp -a ${EFI_HOME}/grub.cfg ${EFI_HOME}/grub.cfg.rpmsave -cp -a ${EFI_HOME}/grub.cfg ${GRUB_HOME}/ mv ${EFI_HOME}/grub.cfg.stb ${EFI_HOME}/grub.cfg %files common -f grub.lang @@ -582,6 +582,10 @@ mv ${EFI_HOME}/grub.cfg.stb ${EFI_HOME}/grub.cfg %endif %changelog +* Mon Sep 23 2024 Nicolas Frayer - 2.06-131 +- Added more code for the previous CVE fix (CVE-2023-4001) +- Related: #RHEL-56733 + * Wed Sep 18 2024 Nicolas Frayer - 2.06-130 - aarch64/macros: Re-added flags that disappeared with previous commit - Related: #RHEL-58821