Hi Laszlo, Do you have a particular reason to update the submodule *after* the v4.2.0 release? I'd rather see QEMU 4.2 released with edk2-stable201911, as it fixes various CVE (therefore a patch for 4.2-rc4 seems acceptable to me).
-- You received this bug notification because you are a member of qemu- devel-ml, which is subscribed to QEMU. https://bugs.launchpad.net/bugs/1852196 Title: update edk2 submodule & binaries to edk2-stable201911 Status in QEMU: New Bug description: edk2-stable201911 will be tagged soon: https://github.com/tianocore/tianocore.github.io/wiki/EDK-II- Release-Planning https://github.com/tianocore/edk2/releases/tag/edk2-stable201911 [upcoming link] It should be picked up by QEMU, after the v4.2.0 release. Relevant fixes / features in edk2, since edk2-stable201905 (which is what QEMU bundles at the moment, from LP#1831477): - enable UEFI HTTPS Boot in ArmVirtQemu* platforms https://bugzilla.tianocore.org/show_bug.cgi?id=1009 (this is from edk2-stable201908) - fix CVE-2019-14553 (Invalid server certificate accepted in HTTPS Boot) https://bugzilla.tianocore.org/show_bug.cgi?id=960 - consume OpenSSL-1.1.1d, for fixing CVE-2019-1543, CVE-2019-1552 and CVE-2019-1563 https://bugzilla.tianocore.org/show_bug.cgi?id=2226 To manage notifications about this bug go to: https://bugs.launchpad.net/qemu/+bug/1852196/+subscriptions