# HG changeset patch
# User Pascal Bellard <pascal.bellard@slitaz.org>
# Date 1450286412 -3600
# Node ID 96c03c2f8bdd04614e2abf854e1a29196c9eb8b6
# Parent  de8ecd2ce530ebd24f0ee44f61285a25b094796f
grub2-efi: CVE-2015-8370 fix

diff -r de8ecd2ce530 -r 96c03c2f8bdd grub2-efi/receipt
--- a/grub2-efi/receipt	Wed Dec 16 18:01:12 2015 +0100
+++ b/grub2-efi/receipt	Wed Dec 16 18:20:12 2015 +0100
@@ -18,6 +18,9 @@
 # Rules to configure and make the package.
 compile_rules()
 {
+	# CVE-2015-8370
+	sed -i "s/'.b'/& \\&\\& cur_len/" grub-core/lib/crypto.c grub-core/normal/auth.c
+
 	# Fixes for flex 2.5.37
 	export CFLAGS="-Wno-error=sign-compare"
 	sed -i 's/YY_FATAL_ERROR/REMOVED_&/' grub-core/script/yylex.l