From a0569f5e812bbe27d460085d7e4430a87c55bf95 Mon Sep 17 00:00:00 2001
From: Rosen Penev <rosenp@gmail.com>
Date: Wed, 22 Aug 2018 19:07:57 -0700
Subject: grub2: Fix CVE-2015-8370

This CVE is a culmination of multiple integer overflow issues that cause
multiple issues like Denial of Service and authentication bypass.

More info: https://nvd.nist.gov/vuln/detail/CVE-2015-8370

Taken from Fedora.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit 7e73e9128f6a63b9198c88eea97c267810447be4)
---
 package/boot/grub2/Makefile | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'package/boot/grub2/Makefile')

diff --git a/package/boot/grub2/Makefile b/package/boot/grub2/Makefile
index b2ae171569..ba6032ba9d 100644
--- a/package/boot/grub2/Makefile
+++ b/package/boot/grub2/Makefile
@@ -11,7 +11,7 @@ include $(INCLUDE_DIR)/kernel.mk
 PKG_NAME:=grub
 PKG_CPE_ID:=cpe:/a:gnu:grub2
 PKG_VERSION:=2.02
-PKG_RELEASE:=1
+PKG_RELEASE:=2
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
 PKG_SOURCE_URL:=@GNU/grub
-- 
cgit v1.2.3