-
edk2 (0~20180205.c0d9813c-2ubuntu0.3) bionic-security; urgency=medium
* Fix integer overflow in DxeImageVerificationHandler. (CVE-2019-14562)
* CryptoPkg/BaseCryptLib: fix NULL dereference. (CVE-2019-14584)
-- dann frazier <email address hidden> Tue, 15 Dec 2020 15:38:17 -0700
-
edk2 (0~20180205.c0d9813c-2ubuntu0.2) bionic; urgency=medium
* Fix numeric truncation in S3BootScript[Save]*() API. (CVE-2019-14563)
* Fix use-after-free in PcdHiiOsRuntimeSupport. (CVE-2019-14586)
* Clear memory before free to avoid potential password leak.
(CVE-2019-14558)
* Fix double-unmap in SdMmcCreateTrb(). This did not impact any
of the images built from this package. (CVE-2019-14587)
* Fix memory leak in ArpOnFrameRcvdDpc(). (CVE-2019-14559)
* Fix issue that could allow an efi image with a blacklisted hash in the
dbx to be loaded. (CVE-2019-14575)
* Fix a memory leak in the ARP handler. (CVE-2019-14559)
-- dann frazier <email address hidden> Fri, 03 Apr 2020 15:15:42 -0600
-
edk2 (0~20180205.c0d9813c-2ubuntu0.1) bionic; urgency=medium
* Security fixes (LP: #1820764):
- Fix buffer overflow in BlockIo service (CVE-2018-12180)
- DNS: Check received packet size before using (CVE-2018-12178)
- Fix stack overflow with corrupted BMP (CVE-2018-12181)
-- dann frazier <email address hidden> Mon, 08 Jul 2019 10:07:19 -0600
-
edk2 (0~20180205.c0d9813c-2) unstable; urgency=medium
* Enable HTTP Boot. LP: #1750481.
-- dann frazier <email address hidden> Tue, 20 Feb 2018 13:14:10 -0700
-
edk2 (0~20180205.c0d9813c-1) unstable; urgency=medium
* New upstream release.
-- dann frazier <email address hidden> Mon, 05 Feb 2018 12:03:01 -0700
-
edk2 (0~20180105.0bc94c74-1) unstable; urgency=medium
* New upstream release.
- d/p/Revert-BaseTools-Update-Gensec-to-set-PROCESSING_REQ.patch: Drop;
superseded by upstream fix:
1e6e6e18 BaseTools: Fix GenSec GCC make failure
* Bump Standards-Version from 4.1.1 to 4.1.3.
- Use https instead of http in Vcs-Browser URL.
-- dann frazier <email address hidden> Fri, 05 Jan 2018 12:33:43 -0700
-
edk2 (0~20171205.a9212288-1) unstable; urgency=medium
* New upstream release.
- Fix Windows Server 2012 BSOD during installation. Closes: #881219.
Thanks to Jeff Ketchum.
- Bump openssl up to latest upstream version, 1.1.0g.
* d/p/Revert-BaseTools-Update-Gensec-to-set-PROCESSING_REQ.patch: Add;
fixes FTBFS.
* Change package priorities from extra (now deprecated) to optional.
-- dann frazier <email address hidden> Tue, 05 Dec 2017 15:04:06 -0700
-
edk2 (0~20171027.76fd5a66-1) unstable; urgency=medium
* New upstream release.
- Fix Win10 guests booting from IDE drives. LP: #1725560.
-- dann frazier <email address hidden> Fri, 27 Oct 2017 16:10:29 -0600
-
edk2 (0~20171010.234dbcef-1) unstable; urgency=medium
* New upstream release.
- d/p/demote-maybe-uninitialized-to-warning.patch: Drop; issue resolved
upstream.
* Bump Standards-Version from 3.9.8 to 4.1.1.
* Bump debhelper compatibility level to 10.
-- dann frazier <email address hidden> Tue, 10 Oct 2017 14:28:01 -0600
-
edk2 (0~20170911.5dfba97c-1) unstable; urgency=medium
* New upstream release.
- Now builds with gcc-7. Closes: #853382.
- d/p/no-missing-braces.diff: Refresh.
- d/p/no-stack-protector-all-archs.diff: Refresh.
- d/p/no-pie-for-arm.diff: Drop; superseded by upstream commit
a6b53806.
- OpenSSL: Switch to the new openssl-1.1-based system, which no
longer requires patching.
- d/p/demote-maybe-uninitialized-to-warning.patch: Workaround compiler
error until upstream code is fixed.
* Unset environment variables that are used internally by edk2.
* Avoid the need for "post-patches" by explicitly setting the
ACTIVE_PLATFORM and TARGET_ARCH variables on the build commandline
for ovmf, like we already do for qemu-efi-{arm,aarch64}.
-- dann frazier <email address hidden> Tue, 12 Sep 2017 13:17:42 -0600