spec: Added more code for the previous CVE fix

2024-05-28 15:17:32 +02:00 · 2024-05-28 15:17:32 +02:00 · 7f51331e48
commit 7f51331e48
parent e4e452562c
2 changed files with 13 additions and 4 deletions
--- a/.grub2.metadata
+++ b/.grub2.metadata
@ -0,0 +1,4 @@
+3b39cb0830367171760ec536cab805abdbe08bc5 unifont-13.0.06.pcf.gz
+cf0b7763c528902da7e8b05cfa248f20c8825ce5 theme.tar.bz2
+c9f93f1e195ec7a5a21d36a13b469788c0b29f0f grub-2.06.tar.xz
+d08376d97163f99ce0d61fce160d6f7667c5c944 gnulib-9f48fb992a3d7e96610c4ce8be969cff2d61a01b.tar.gz
--- a/grub2.spec
+++ b/grub2.spec
@ -16,7 +16,7 @@
 Name:		grub2
 Epoch:		1
 Version:	2.06
-Release:	79%{?dist}
+Release:	80%{?dist}
 Summary:	Bootloader with support for Linux, Multiboot and more
 License:	GPLv3+
 URL:		http://www.gnu.org/software/grub/
@ -338,9 +338,11 @@ fi
 if test ! -f ${EFI_HOME}/grub.cfg; then
    # there's no config in ESP, create one
    grub2-mkconfig -o ${EFI_HOME}/grub.cfg
+    cp -a ${EFI_HOME}/grub.cfg ${EFI_HOME}/grub.cfg.rpmsave
+    cp -a ${EFI_HOME}/grub.cfg ${GRUB_HOME}/
 fi

-if grep -q "configfile" ${EFI_HOME}/grub.cfg; then
+if grep -q "configfile" ${EFI_HOME}/grub.cfg && grep -q "root-dev-only" ${EFI_HOME}/grub.cfg; then
    exit 0 # already unified, nothing to do
 fi

@ -360,8 +362,6 @@ if test -f ${EFI_HOME}/grubenv; then
    mv --force ${EFI_HOME}/grubenv ${GRUB_HOME}/grubenv
 fi

-cp -a ${EFI_HOME}/grub.cfg ${EFI_HOME}/grub.cfg.rpmsave
-cp -a ${EFI_HOME}/grub.cfg ${GRUB_HOME}/
 mv ${EFI_HOME}/grub.cfg.stb ${EFI_HOME}/grub.cfg

 %files common -f grub.lang
@ -533,6 +533,11 @@ mv ${EFI_HOME}/grub.cfg.stb ${EFI_HOME}/grub.cfg
 %endif

 %changelog
+* Tue May 28 2024 Nicolas Frayer <nfrayer@redhat.com> - 2.06-80
+- Added more code for the previous CVE fix
+- Related: #RHEL-36249
+- Related: #RHEL-36186
+
 * Tue May 28 2024 Nicolas Frayer <nfrayer@redhat.com> - 2.06-79
 - cmd/search: Rework of CVE-2023-4001 fix
 - Resolves: #RHEL-36249