From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mailman by lists.gnu.org with archive (Exim 4.43) id 1N7UNH-0004jo-I5 for mharc-grub-devel@gnu.org; Mon, 09 Nov 2009 08:33:39 -0500 Received: from mailman by lists.gnu.org with tmda-scanned (Exim 4.43) id 1N7UNE-0004gY-F3 for grub-devel@gnu.org; Mon, 09 Nov 2009 08:33:36 -0500 Received: from exim by lists.gnu.org with spam-scanned (Exim 4.43) id 1N7UN9-0004ae-O9 for grub-devel@gnu.org; Mon, 09 Nov 2009 08:33:36 -0500 Received: from [199.232.76.173] (port=54549 helo=monty-python.gnu.org) by lists.gnu.org with esmtp (Exim 4.43) id 1N7UN9-0004aL-J4 for grub-devel@gnu.org; Mon, 09 Nov 2009 08:33:31 -0500 Received: from mail-pz0-f192.google.com ([209.85.222.192]:58435) by monty-python.gnu.org with esmtp (Exim 4.60) (envelope-from ) id 1N7UN9-0002hg-4P for grub-devel@gnu.org; Mon, 09 Nov 2009 08:33:31 -0500 Received: by pzk30 with SMTP id 30so2225684pzk.24 for ; Mon, 09 Nov 2009 05:33:30 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:in-reply-to:references :date:message-id:subject:from:to:content-type :content-transfer-encoding; bh=wWx9a8IagXbwP3hwZfXWSbVab1ty+vM2sFDy7ywxAzo=; b=h6suvTupB8eBTF3o97XoNpnieXlVINh72s6kF0r1DFaxa7vXOz1ZAyFZmnQVVOe/0v fFW3PNO5fXn5PDJyH2aUE/91Sl3ZoHEKoANU/8UOULiXzJMDvVPl+7+4glB1jeX0cgGW IeglculaoeDy3u/1Y1mwHMLSWjRLJ6o79X8Mo= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type:content-transfer-encoding; b=bWueTGAmf/6YF6B9QolAJA/EnSq7Gytn3sFtpgfZ2jDccpcfoacNC/iDwW2VEtaY1/ sJ1C23EfnWuR4XVI9mUnEat0JYraYIuZlhlp4lxwTaGDSuJ04B5nLi6NXQ1+jY1VOu10 v2OQZiUjckbZlUaGpAGUIMnpv4YxXVU8EYw00= MIME-Version: 1.0 Received: by 10.141.13.13 with SMTP id q13mr418931rvi.40.1257773610403; Mon, 09 Nov 2009 05:33:30 -0800 (PST) In-Reply-To: <20091109010422.GA23417@thorin> References: <20091109010422.GA23417@thorin> Date: Mon, 9 Nov 2009 21:33:30 +0800 Message-ID: From: Bean To: The development of GNU GRUB Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable X-detected-operating-system: by monty-python.gnu.org: GNU/Linux 2.6 (newer, 2) Subject: Re: Imminent bugfix release (1.97.1) X-BeenThere: grub-devel@gnu.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: The development of GNU GRUB List-Id: The development of GNU GRUB List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 09 Nov 2009 13:33:36 -0000 On Mon, Nov 9, 2009 at 9:04 AM, Robert Millan wrote: > > A security problem [1] was found in our password-checking routines, > which affects GRUB 1.97. =A0I'll be releasing 1.97.1 tomorrow. > > Additionally, I cherry-picked fixes for a few problems that should > have made it to the release, like GNU/Hurd support (see NEWS file > for details). =A0The release branch is available in: > > =A0sftp://bzr.savannah.gnu.org/srv/bzr/grub/branches/release_1_97/ > > If you have time, please test this tree, specially password support, > to help find possible problems. Hi, Actually, the function of grub_auth_strcmp puzzles me, why would it need to wait 100 ms to return the result ? grub_auth_strcmp is used in many place, so the authorized could take some time to complete. And there is a hidden issue in it, grub_auth_strcmp can accept NULL pointer as input, but grub_strcmp doesn't check for NULL pointer. --=20 Bean My repository: https://launchpad.net/burg Document: https://help.ubuntu.com/community/Burg