[coreboot-gerrit] Change in coreboot[master]: payloads/external: Clone GRUB2 over HTTPS
Jonathan Neuschäfer (Code Review)
gerrit at coreboot.org
Sat Sep 2 22:18:43 CEST 2017
Jonathan Neuschäfer has uploaded this change for review. ( https://review.coreboot.org/21344
Change subject: payloads/external: Clone GRUB2 over HTTPS
......................................................................
payloads/external: Clone GRUB2 over HTTPS
Since the git:// protocol is unencrypted and unauthenticated, there's a
security risk associated with using it: A man-in-the-middle attacker
could replace e.g. the master branch with malicious code.
Mitigate this risk somewhat by cloning GRUB2 via HTTPS.
Change-Id: Ice8f8d108e7dfa1a1ecd58d9735944fa9570ace8
Signed-off-by: Jonathan Neuschäfer <j.neuschaefer at gmx.net>
---
M payloads/external/GRUB2/Makefile
1 file changed, 1 insertion(+), 1 deletion(-)
git pull ssh://review.coreboot.org:29418/coreboot refs/changes/44/21344/1
diff --git a/payloads/external/GRUB2/Makefile b/payloads/external/GRUB2/Makefile
index 4a0a491..71c7352 100644
--- a/payloads/external/GRUB2/Makefile
+++ b/payloads/external/GRUB2/Makefile
@@ -3,7 +3,7 @@
NAME-$(CONFIG_GRUB2_MASTER)=HEAD
NAME-$(CONFIG_GRUB2_REVISION)=$(CONFIG_GRUB2_REVISION_ID)
-project_git_repo=git://git.sv.gnu.org/grub.git
+project_git_repo=https://git.savannah.gnu.org/git/grub.git/
project_dir=grub2
unexport HOSTCC CC LD OBJCOPY STRIP
--
To view, visit https://review.coreboot.org/21344
To unsubscribe, visit https://review.coreboot.org/settings
Gerrit-Project: coreboot
Gerrit-Branch: master
Gerrit-MessageType: newchange
Gerrit-Change-Id: Ice8f8d108e7dfa1a1ecd58d9735944fa9570ace8
Gerrit-Change-Number: 21344
Gerrit-PatchSet: 1
Gerrit-Owner: Jonathan Neuschäfer <j.neuschaefer at gmx.net>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.coreboot.org/pipermail/coreboot-gerrit/attachments/20170902/b2665a24/attachment.html>
More information about the coreboot-gerrit
mailing list