From: Peter Korsgaard <peter@korsgaard.com>
To: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Julien Olivain <ju.o@free.fr>,
Romain Naour <romain.naour@smile.fr>,
Thomas Perale <thomas.perale@mind.be>,
buildroot@buildroot.org
Subject: Re: [Buildroot] Grub security situation
Date: Thu, 08 May 2025 10:11:03 +0200 [thread overview]
Message-ID: <87ldr71q08.fsf@dell.be.48ers.dk> (raw)
In-Reply-To: <20250507231902.14cbc9aa@windsurf> (Thomas Petazzoni's message of "Wed, 7 May 2025 23:19:02 +0200")
>>>>> "Thomas" == Thomas Petazzoni <thomas.petazzoni@bootlin.com> writes:
Hi,
> So the only solution that I can see right now is to used grub's master
> branch (of course with a fixed commit). Of course, for 2025.02, this
> means we would bump grub to a newer version that not only has security
> fixes, but also a whole bunch of other random changes. But that's how
> grub is maintained, and I'm not sure what we can do about it.
> Opinions? Thoughts? Suggestions?
It sucks, but grub2 doesn't seem very alive and well maintained nowdays.
From the mails above it sounded like the current git version had some
regressions compared to 2.12, so using git doesn't sound that great.
Arnouts suggestion about piggy banking on Debian could be an option, or
alternatively we could simply drop grub2? With EFI I guess there is less
need for grub2 anyway?
--
Bye, Peter Korsgaard
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot
next prev parent reply other threads:[~2025-05-08 8:11 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-05-07 21:19 [Buildroot] Grub security situation Thomas Petazzoni via buildroot
2025-05-08 6:27 ` Arnout Vandecappelle via buildroot
2025-05-08 8:11 ` Peter Korsgaard [this message]
2025-05-08 8:22 ` James Hilliard
2025-05-08 14:29 ` Lance Fredrickson
2025-05-08 21:38 ` Waldemar Brodkorb
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87ldr71q08.fsf@dell.be.48ers.dk \
--to=peter@korsgaard.com \
--cc=buildroot@buildroot.org \
--cc=ju.o@free.fr \
--cc=romain.naour@smile.fr \
--cc=thomas.perale@mind.be \
--cc=thomas.petazzoni@bootlin.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox