1
1
Fork 0
mirror of https://github.com/pbatard/rufus.git synced 2024-08-14 23:57:05 +00:00
Commit graph

25 commits

Author SHA1 Message Date
Pete Batard
3329304e67
[grub] update DB for GRUB 2.12~rc1
* Also fix some Coverity warnings in stdlg.c.
2023-07-13 10:11:52 +02:00
Pete Batard
be5b590cfb
[uefi] add parsing and copying of the system's SkuSiPolicy.p7b
* Instead of embedding the content of the most recent revoked bootloader hashes in db.h
  we now parse the system's SkuSiPolicy.p7b to do so. This has the drawback of not alerting
  users running Rufus on systems where SkuSiPolicy.p7b is not up to date, but I believe the
  trade-off is worth it.
* We now also copy the system's SkuSiPolicy.p7b to the created media when possible (for
  Windows 10 or later), so that Microsoft's WDAC UEFI revocations can apply during boot.
2023-06-18 19:07:45 +02:00
Pete Batard
43764268de
[uefi] add detection and warning for revoked bootloaders
* Considering that alerting users to potential security breaches that may be
  exploited by boot media should also be performed by application that create
  them, we add detection for all the currently known revoked UEFI bootloaders,
  be it the ones from the official UEFI DBX as well as the ones from Windows'
  SkuSiPolicy.p7b, and warn the user when one such bootloader is detected on
  their source media.
* Note that, to actually be revoked, the bootloaders flagged through SkuSiPolicy
  require the copying of the .p7b to the boot media, which we are currently
  not enacting but will perform in a subsequent commit.
* Also fix a Coverity warning in hash.c.
2023-06-16 20:36:50 +02:00
Pete Batard
beb847511b
Rufus 4.1 (Build 2045)
* Also revert GRUB 2 core.img to vanilla 2.06, with the hope that GRUB will
  *ACTUALLY* bother to release in 2023 and we will be able to update to
  GRUB 2.12 (or whatever non-sequential version they decide to go with) to
  say a most welcome goodbye to this whole 2.06 incompatibility crap!
2023-05-31 18:24:46 +01:00
Pete Batard
0bda98f0ed
[misc] update DB for newer GRUB core.img's
* See pbatard/rufus-web@320b800592
* Also fix © sign not displaying properly in executable details page
2023-04-28 17:34:06 +01:00
Pete Batard
fcae51a446
[grub] force server download for nonstandard GRUB (Fedora 37, openSUSE Live, GeckoLinux)
* This reverts most of 3528ca773d in order to download 'core.img' from our server instead of patching it.
* Also solve the issue of downloading a custom 'core.img' for Fedora 37, that introduced
  a new 'grub_debug_is_enabled' symbol without altering their GRUB version string.
* This is accomplished by doing what the distro maintainers should have done on their
  own, by appending a custom suffix to the GRUB version string.
2022-10-06 23:39:32 +01:00
Pete Batard
a519e3b03b
[misc] fix console hogger not being deleted on exit
* Also update hash DB and readme for latest Grub4DOS
2021-10-23 15:14:46 +01:00
Pete Batard
57af9e7106
[misc] set rufus-next to 3.15
* Also update DB for GRUB 2.06 binary and fix a line break when writing images
2021-06-22 19:08:34 +01:00
Pete Batard
2bcb68efd8
[misc] update ChangeLog for BETA
* Since Ubuntu 21.04 forces a new release...
* Also update DB for latest GRUB "2.04" and fix a minor loc capitalization issue
2021-04-23 22:25:56 +01:00
Pete Batard
29c10d3ee0
Update Grub4DOS and signature DB to latest
* Of course, since Grub4DOS's grldr.mbr hasn't changed from previous releases
  there's not much to update there, but then again, people like version bumps.
2021-03-25 21:19:13 +00:00
Pete Batard
e987272287
[grub] update GRUB 2.04 core.img for Ubuntu 20.10 support
* GRUB have cherry-picked patches from the "BootHole" vulnerability fix at
  https://lists.gnu.org/archive/html/grub-devel/2020-07/msg00034.html and
  have applied them to their 2.04 GRUB loader.
* This results in breakage with "error: symbol 'grub_calloc' not found" when
  using the release GRUB 2.04 version of core.img.
* Therefore, we too cherry-picked some patches to apply on top of GRUB 2.04
  release to make our core.img compatible with Ubuntu 20.10.
* Closes #1616
* Also increase the maximum write stride for ms-sys to 64 KB (required to
  write the GRUB 2.05 bootloader which is larger than 32 KB) and update hash DB.
2020-09-16 13:59:06 +01:00
Pete Batard
8afb6f220f
v3.6 (build 1551) 2019-07-18 13:31:29 +01:00
Pete Batard
1bbb053f70
[misc] update ChangeLog for BETA 2019-07-08 16:03:52 +01:00
Pete Batard
4b38483a68
[ext2fs] improve persistence partition creation's progress report
* Closes #691
2019-04-19 13:24:20 +01:00
Pete Batard
d93ae1e598
[core] fix 2.x → 3.x regression that removed NTFS for Grub4DOS
* Also update file hash DB
2019-04-18 12:53:12 +01:00
Pete Batard
f8592959bd
[misc] update components for 3.4 BETA 2018-11-22 15:34:21 +00:00
Pete Batard
3ba7c9eab0 [grub] update grub4dos to latest and update db entry for grub 2.03
* Also improve PowerShell invocation for Controlled Folder Access detection
2018-06-12 16:01:14 +01:00
Pete Batard
9cd04be529 [grub] update grub4dos to latest and add db entry for grub 2.03 2017-11-02 12:49:05 +00:00
Pete Batard
9e2d0239e6 [grub] update Grub4DOS to latest
* Also update AppVeyor build script
2017-05-15 12:45:03 +01:00
Pete Batard
e52947f300 [grub] update GRUB to 2.02 release
* Just update the headers really, since all the core.img
  from 2.02~rc1 upwards have been binary identical.
* Also fix a potential small issue in process.c
2017-05-05 19:21:53 +01:00
Pete Batard
cbd31af448 [grub] update GRUB to 2.02~rc2 2017-04-05 11:12:58 +01:00
Pete Batard
8626ca949e [grub] update Grub4DOS to latest
* Also update the SHA256 DB
2017-01-13 11:12:57 +00:00
Pete Batard
cee50bd189 [grub] update Grub4DOS 0.4.6a to latest
* Also update Changelog
2016-07-10 21:51:46 +01:00
Pete Batard
bf679271b8 [misc] prevent application launch if running non elevated
* Since, despite what Microsoft states, having 'requireAdministrator' in a manifest STILL isn't
  enough to prevent an app from launching as non elevated for some weird account configurations...
* Closes #757
2016-05-26 21:47:01 +01:00
Pete Batard
790aacd49a [core] add SHA-256 validation DB for downloadable content
* Downloadable content will now be indicating, in the log, whether it can be trusted with ✓ (validated) or ✗ (caution)
* Of course this validation only applies for files we know of, i.e. the downloadable content that existed at the time the DB was
  created. So, if Syslinux 8.x gets released tomorrow and we put it on our server, you'll get an ✗ regardless of its integrity.
* Closes #758
2016-05-25 12:20:20 +01:00