Change logs for edk2 source package in Groovy

  • edk2 (2020.05-5ubuntu0.2) groovy-security; urgency=medium
    
      * SECURITY UPDATE: unlimited FV recursion
        - debian/patches/CVE-2021-28210-1.patch: assert SectionInstance
          invariant in FindChildNode() in
          MdeModulePkg/Core/Dxe/SectionExtraction/CoreSectionExtraction.c.
        - debian/patches/CVE-2021-28210-2.patch: limit FwVol encapsulation
          section recursion in MdeModulePkg/Core/Dxe/DxeMain.inf,
          MdeModulePkg/Core/Dxe/SectionExtraction/CoreSectionExtraction.c,
          MdeModulePkg/MdeModulePkg.dec, MdeModulePkg/MdeModulePkg.uni.
        - CVE-2021-28210
      * SECURITY UPDATE: possible heap corruption in LzmaUefiDecompressGetInfo
        - debian/patches/CVE-2021-28211.patch: catch 4GB+ uncompressed
          buffer sizes in
          MdeModulePkg/Library/LzmaCustomDecompressLib/LzmaDecompress.c,
          MdeModulePkg/Library/LzmaCustomDecompressLib/LzmaDecompressLibInternal.h.
        - CVE-2021-28211
    
     -- Marc Deslauriers <email address hidden>  Mon, 12 Apr 2021 08:12:17 -0400
  • edk2 (2020.05-5ubuntu0.1) groovy-security; urgency=medium
    
      * CryptoPkg/BaseCryptLib: fix NULL dereference (CVE-2019-14584)
    
     -- dann frazier <email address hidden>  Tue, 05 Jan 2021 16:31:45 -0700
  • edk2 (2020.05-5) unstable; urgency=medium
    
      * Update snakeoil keys. Previous one expired 2019-12-01. New one
        expires 2120-08-14.
    
     -- dann frazier <email address hidden>  Mon, 07 Sep 2020 13:23:29 -0600
  • edk2 (2020.05-4) unstable; urgency=medium
    
      * Fix integer overflow in DxeImageVerificationHandler. (CVE-2019-14562)
        (Closes: #968819)
         - d/p/0001-SecurityPkg-DxeImageVerificationLib-extract-SecDataD.patch
         - d/p/0002-SecurityPkg-DxeImageVerificationLib-assign-WinCertif.patch
         - d/p/0003-SecurityPkg-DxeImageVerificationLib-catch-alignment-.patch
      * Re-enable TPM support, which was accidentally disabled due to an
        upstream build flag rename in 2020.05-1. LP: #1890646.
    
     -- dann frazier <email address hidden>  Wed, 02 Sep 2020 10:26:10 -0600
  • edk2 (2020.05-3ubuntu1) groovy; urgency=medium
    
      * Enable TPM support (renamed from TPM2). LP: #1890646
    
     -- Dimitri John Ledkov <email address hidden>  Tue, 01 Sep 2020 11:17:54 +0100
  • edk2 (2020.05-3) unstable; urgency=medium
    
      * Provide 4MB OVMF images as the existing 2MB images no longer
        have sufficient variable space for the current Secure Boot Forbidden
        Signature Database. LP: #1885662.
      * Update fw descriptors to reference 4M images instead of their 2M
        counterparts. This will migrate tools that use the descriptor interface
        (like libvirt) over to the 4M images when creating new VMs. Existing 2M
        VMs will require manual migration.
      * Add a 4M snakeoil variable template and drop the 2M version. This will
        break existing snakeoil VMs, but that should be OK for a test/devel
        facility.
      * Increase autopkgtest timeout from 30s to 60s. LP: #1885186.
    
     -- dann frazier <email address hidden>  Wed, 05 Aug 2020 18:33:22 -0600
  • edk2 (2020.05-2ubuntu1) groovy; urgency=medium
    
      * Increase autopkgtest timeout from 30s to 60s. LP: #1885186.
    
     -- dann frazier <email address hidden>  Thu, 25 Jun 2020 16:17:15 -0600
  • edk2 (2020.05-2) unstable; urgency=medium
    
      * Enable https boot support, thanks to Dimitri John Ledkov. LP: #1883114.
    
     -- dann frazier <email address hidden>  Thu, 11 Jun 2020 08:40:31 -0600
  • edk2 (2020.05-1ubuntu1) groovy; urgency=medium
    
      * Enable https support. (LP: #1883114)
    
     -- Dimitri John Ledkov <email address hidden>  Thu, 11 Jun 2020 15:30:43 +0100
  • edk2 (2020.05-1) unstable; urgency=medium
    
      * New upstream release, based on edk2-stable202005 tag.
    
     -- dann frazier <email address hidden>  Wed, 03 Jun 2020 15:39:40 -0600
  • edk2 (0.0~20200229-2) unstable; urgency=medium
    
      * Actually install the new "ms" descriptor.
    
     -- dann frazier <email address hidden>  Sat, 11 Apr 2020 09:17:23 -0600
  • edk2 (0~20191122.bd85bf54-2ubuntu3) focal; urgency=medium
    
      * Actually install the new "ms" descriptor.
    
     -- dann frazier <email address hidden>  Sat, 11 Apr 2020 10:19:44 -0600