[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Imminent bugfix release (1.97.1)
From: |
Bean |
Subject: |
Re: Imminent bugfix release (1.97.1) |
Date: |
Mon, 9 Nov 2009 21:33:30 +0800 |
On Mon, Nov 9, 2009 at 9:04 AM, Robert Millan <address@hidden> wrote:
>
> A security problem [1] was found in our password-checking routines,
> which affects GRUB 1.97. I'll be releasing 1.97.1 tomorrow.
>
> Additionally, I cherry-picked fixes for a few problems that should
> have made it to the release, like GNU/Hurd support (see NEWS file
> for details). The release branch is available in:
>
> sftp://bzr.savannah.gnu.org/srv/bzr/grub/branches/release_1_97/
>
> If you have time, please test this tree, specially password support,
> to help find possible problems.
Hi,
Actually, the function of grub_auth_strcmp puzzles me, why would it
need to wait 100 ms to return the result ? grub_auth_strcmp is used in
many place, so the authorized could take some time to complete. And
there is a hidden issue in it, grub_auth_strcmp can accept NULL
pointer as input, but grub_strcmp doesn't check for NULL pointer.
--
Bean
My repository: https://launchpad.net/burg
Document: https://help.ubuntu.com/community/Burg
- Imminent bugfix release (1.97.1), Robert Millan, 2009/11/08
- Re: Imminent bugfix release (1.97.1), Robert Millan, 2009/11/08
- Re: Imminent bugfix release (1.97.1), Jordan Uggla, 2009/11/08
- Re: Imminent bugfix release (1.97.1),
Bean <=
- Re: Imminent bugfix release (1.97.1), Vladimir 'phcoder' Serbinenko, 2009/11/09
- Re: Imminent bugfix release (1.97.1), Robert Millan, 2009/11/09
- Re: Imminent bugfix release (1.97.1), Bean, 2009/11/09
- Re: Imminent bugfix release (1.97.1), Vladimir 'phcoder' Serbinenko, 2009/11/09
- Re: Imminent bugfix release (1.97.1), Duboucher Thomas, 2009/11/09
- Re: Imminent bugfix release (1.97.1), Robert Millan, 2009/11/09
- Re: Imminent bugfix release (1.97.1), Vladimir 'phcoder' Serbinenko, 2009/11/09
- Re: Imminent bugfix release (1.97.1), Robert Millan, 2009/11/09
- Re: Imminent bugfix release (1.97.1), Bean, 2009/11/09
- Re: Imminent bugfix release (1.97.1), Vladimir 'phcoder' Serbinenko, 2009/11/09