Merged https://github.com/tianocore/edk2/pull/5264
> -----Original Message----- > From: Douglas Flick [MSFT] <doug.e...@gmail.com> > Sent: Friday, January 12, 2024 2:16 AM > To: devel@edk2.groups.io > Cc: Douglas Flick [MSFT] <doug.e...@gmail.com>; Yao, Jiewen > <jiewen....@intel.com> > Subject: [PATCH 0/6] SECURITY PATCHES TCBZ4117 & TCBZ4118 > > This patch series include the combined / merged security patches > (as seperate commits) for TCBZ4117 (CVE-2022-36763) and TCBZ4118 > (CVE-2022-36764) for DxeTpm2MeasureBootLib and DxeTpmMeasureBootLib. > These patches have already been reviewed by SecurityPkg Maintainer > (Jiewen) on GHSA. > > This patch series (specifically TCBZ4117) supersedes TCBZ2168. > > Cc: Jiewen Yao <jiewen....@intel.com> > > Douglas Flick [MSFT] (6): > SecurityPkg: DxeTpm2MeasureBootLib: SECURITY PATCH 4117 - CVE > 2022-36763 > SecurityPkg: DxeTpmMeasureBootLib: SECURITY PATCH 4117 - CVE > 2022-36763 > SecurityPkg: : Adding CVE 2022-36763 to SecurityFixes.yaml > SecurityPkg: DxeTpm2MeasureBootLib: SECURITY PATCH 4118 - CVE > 2022-36764 > SecurityPkg: DxeTpmMeasureBootLib: SECURITY PATCH 4118 - CVE > 2022-36764 > SecurityPkg: : Adding CVE 2022-36764 to SecurityFixes.yaml > > SecurityPkg/Test/SecurityPkgHostTest.dsc | 2 + > .../DxeTpm2MeasureBootLib.inf | 4 +- > ...Tpm2MeasureBootLibSanitizationTestHost.inf | 28 ++ > .../DxeTpmMeasureBootLib.inf | 4 +- > ...eTpmMeasureBootLibSanitizationTestHost.inf | 28 ++ > .../DxeTpm2MeasureBootLibSanitization.h | 139 +++++++ > .../DxeTpmMeasureBootLibSanitization.h | 137 +++++++ > .../DxeTpm2MeasureBootLib.c | 87 ++-- > .../DxeTpm2MeasureBootLibSanitization.c | 319 +++++++++++++++ > .../DxeTpm2MeasureBootLibSanitizationTest.c | 345 ++++++++++++++++ > .../DxeTpmMeasureBootLib.c | 53 ++- > .../DxeTpmMeasureBootLibSanitization.c | 285 +++++++++++++ > .../DxeTpmMeasureBootLibSanitizationTest.c | 387 ++++++++++++++++++ > SecurityPkg/SecurityFixes.yaml | 36 ++ > SecurityPkg/SecurityPkg.ci.yaml | 2 + > 15 files changed, 1801 insertions(+), 55 deletions(-) > create mode 100644 > SecurityPkg/Library/DxeTpm2MeasureBootLib/InternalUnitTest/DxeTpm2Measur > eBootLibSanitizationTestHost.inf > create mode 100644 > SecurityPkg/Library/DxeTpmMeasureBootLib/InternalUnitTest/DxeTpmMeasureB > ootLibSanitizationTestHost.inf > create mode 100644 > SecurityPkg/Library/DxeTpm2MeasureBootLib/DxeTpm2MeasureBootLibSanitiza > tion.h > create mode 100644 > SecurityPkg/Library/DxeTpmMeasureBootLib/DxeTpmMeasureBootLibSanitizatio > n.h > create mode 100644 > SecurityPkg/Library/DxeTpm2MeasureBootLib/DxeTpm2MeasureBootLibSanitiza > tion.c > create mode 100644 > SecurityPkg/Library/DxeTpm2MeasureBootLib/InternalUnitTest/DxeTpm2Measur > eBootLibSanitizationTest.c > create mode 100644 > SecurityPkg/Library/DxeTpmMeasureBootLib/DxeTpmMeasureBootLibSanitizatio > n.c > create mode 100644 > SecurityPkg/Library/DxeTpmMeasureBootLib/InternalUnitTest/DxeTpmMeasureB > ootLibSanitizationTest.c > create mode 100644 SecurityPkg/SecurityFixes.yaml > > -- > 2.43.0 -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#113878): https://edk2.groups.io/g/devel/message/113878 Mute This Topic: https://groups.io/mt/103675434/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
