Jonathan Neuschäfer has uploaded this change for review. ( https://review.coreboot.org/21344
Change subject: payloads/external: Clone GRUB2 over HTTPS ......................................................................
payloads/external: Clone GRUB2 over HTTPS
Since the git:// protocol is unencrypted and unauthenticated, there's a security risk associated with using it: A man-in-the-middle attacker could replace e.g. the master branch with malicious code.
Mitigate this risk somewhat by cloning GRUB2 via HTTPS.
Change-Id: Ice8f8d108e7dfa1a1ecd58d9735944fa9570ace8 Signed-off-by: Jonathan Neuschäfer j.neuschaefer@gmx.net --- M payloads/external/GRUB2/Makefile 1 file changed, 1 insertion(+), 1 deletion(-)
git pull ssh://review.coreboot.org:29418/coreboot refs/changes/44/21344/1
diff --git a/payloads/external/GRUB2/Makefile b/payloads/external/GRUB2/Makefile index 4a0a491..71c7352 100644 --- a/payloads/external/GRUB2/Makefile +++ b/payloads/external/GRUB2/Makefile @@ -3,7 +3,7 @@ NAME-$(CONFIG_GRUB2_MASTER)=HEAD NAME-$(CONFIG_GRUB2_REVISION)=$(CONFIG_GRUB2_REVISION_ID)
-project_git_repo=git://git.sv.gnu.org/grub.git +project_git_repo=https://git.savannah.gnu.org/git/grub.git/ project_dir=grub2
unexport HOSTCC CC LD OBJCOPY STRIP