From a1c42cca001788be5a4d86450c8a6b0f277a17e3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jonathan=20Neusch=C3=A4fer?= Date: Sat, 2 Sep 2017 20:34:53 +0200 Subject: [PATCH] payloads/external: Clone GRUB2 over HTTPS MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Since the git:// protocol is unencrypted and unauthenticated, there's a security risk associated with using it: A man-in-the-middle attacker could replace e.g. the master branch with malicious code. Mitigate this risk somewhat by cloning GRUB2 via HTTPS. Change-Id: Ice8f8d108e7dfa1a1ecd58d9735944fa9570ace8 Signed-off-by: Jonathan Neuschäfer Reviewed-on: https://review.coreboot.org/21344 Tested-by: build bot (Jenkins) Reviewed-by: Paul Menzel Reviewed-by: Alexander Couzens --- payloads/external/GRUB2/Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/payloads/external/GRUB2/Makefile b/payloads/external/GRUB2/Makefile index 4a0a49106a..71c7352d3b 100644 --- a/payloads/external/GRUB2/Makefile +++ b/payloads/external/GRUB2/Makefile @@ -3,7 +3,7 @@ TAG-$(CONFIG_GRUB2_REVISION)=$(CONFIG_GRUB2_REVISION_ID) NAME-$(CONFIG_GRUB2_MASTER)=HEAD NAME-$(CONFIG_GRUB2_REVISION)=$(CONFIG_GRUB2_REVISION_ID) -project_git_repo=git://git.sv.gnu.org/grub.git +project_git_repo=https://git.savannah.gnu.org/git/grub.git/ project_dir=grub2 unexport HOSTCC CC LD OBJCOPY STRIP