GRUB2 patch lists …and preOS network security

I was just watching this presentation on GRUB from FOSDEM 2019:

https://fosdem.org/2019/schedule/event/grub_upstream_and_distros/

and it mentions that Fedora has a large number of downstream patches. Before this, I didn’t realize how MANY PATCHES that GRUB2 has, in various distros. For example

https://src.fedoraproject.org/rpms/grub2/tree/master
https://build.opensuse.org/package/show/openSUSE:Factory/grub2
https://sources.debian.org/patches/grub2/2.04%7Erc1-2/

So I need to stop thinking all GRUBS are alike.

I also note this recent Debian bug report, which suggests some GRUB network security issues (which do not appear to be Debian-centric):

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=930217

I hope GRUB’s network issues can be improved, maybe the additional focus of firmware security researchers?

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s