summaryrefslogtreecommitdiff
path: root/payloads/external/GRUB2
diff options
context:
space:
mode:
authorJonathan Neuschäfer <j.neuschaefer@gmx.net>2017-09-02 20:34:53 +0200
committerMartin Roth <martinroth@google.com>2017-09-16 22:33:29 +0000
commita1c42cca001788be5a4d86450c8a6b0f277a17e3 (patch)
treea23eefed6420db6ea0f9d11a87b6189d2c53c86d /payloads/external/GRUB2
parent602d0a42d4bbc8d862e3722b72e59458e7a97999 (diff)
downloadcoreboot-a1c42cca001788be5a4d86450c8a6b0f277a17e3.tar.gz
payloads/external: Clone GRUB2 over HTTPS
Since the git:// protocol is unencrypted and unauthenticated, there's a security risk associated with using it: A man-in-the-middle attacker could replace e.g. the master branch with malicious code. Mitigate this risk somewhat by cloning GRUB2 via HTTPS. Change-Id: Ice8f8d108e7dfa1a1ecd58d9735944fa9570ace8 Signed-off-by: Jonathan Neuschäfer <j.neuschaefer@gmx.net> Reviewed-on: https://review.coreboot.org/21344 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net> Reviewed-by: Alexander Couzens <lynxis@fe80.eu>
Diffstat (limited to 'payloads/external/GRUB2')
-rw-r--r--payloads/external/GRUB2/Makefile2
1 files changed, 1 insertions, 1 deletions
diff --git a/payloads/external/GRUB2/Makefile b/payloads/external/GRUB2/Makefile
index 4a0a49106a..71c7352d3b 100644
--- a/payloads/external/GRUB2/Makefile
+++ b/payloads/external/GRUB2/Makefile
@@ -3,7 +3,7 @@ TAG-$(CONFIG_GRUB2_REVISION)=$(CONFIG_GRUB2_REVISION_ID)
NAME-$(CONFIG_GRUB2_MASTER)=HEAD
NAME-$(CONFIG_GRUB2_REVISION)=$(CONFIG_GRUB2_REVISION_ID)
-project_git_repo=git://git.sv.gnu.org/grub.git
+project_git_repo=https://git.savannah.gnu.org/git/grub.git/
project_dir=grub2
unexport HOSTCC CC LD OBJCOPY STRIP