Ubuntu
edk2 package

Change logs for edk2 source package in Hirsute

  1. Hirsute (21.04)
  2. Change log 
  • edk2 (2020.11-4ubuntu0.1) hirsute-security; urgency=medium

  * SECURITY UPDATE: Insufficient input validation in MdeModulePkg
    - debian/patches/CVE-2019-11098-*.patch
    - CVE-2019-11098
  * SECURITY UPDATE: overflow in openssl EVP_DecryptUpdate
    - debian/patches/CVE-2021-23840.patch
    - CVE-2021-23840
  * SECURITY UPDATE: DoS via incorrect ASN.1 string termination in openssl
    - debian/patches/CVE-2021-3712-*.patch
    - CVE-2021-3712
  * SECURITY UPDATE: remote buffer overflow in IScsiHexToBin
    - debian/patches/CVE-2021-38575-*.patch
    - CVE-2021-38575

 -- Marc Deslauriers <email address hidden>  Fri, 17 Sep 2021 11:03:13 -0400
  • edk2 (2020.11-4) unstable; urgency=medium

  * UEFI/Filesystems.py: Force "/sbin" into $PATH before calling
    mkdosfs, fixing autopkgtest failures.

 -- dann frazier <email address hidden>  Tue, 09 Mar 2021 09:20:12 -0700
  • edk2 (2020.11-2) unstable; urgency=medium

  * autopkgtest: Add allow-stderr to Restrictions to fix failure.

 -- dann frazier <email address hidden>  Tue, 15 Dec 2020 11:42:37 -0700
  • edk2 (2020.11-1) unstable; urgency=medium

  * New upstream release, based on edk2-stable202011 tag.
  * Version the build-dep on qemu-system-x86 to ensure it is new enough
    to support setting smbios OEM strings on the command line. Thanks to
    Christian Ehrhardt. LP: #1900846.
  * Introduce ovmf-ia32 package. (Closes: #842683)
  * Switch OVMF_CODE_4M images to use a 32-bit PEI phase which supports
    S3 suspend. This avoids having to disable S3 in QEMU to use the
    SMM-enforcing secboot variant. Non-4M images are for backwards
    compatibility only, and remain with a 64-bit PEI phase. LP: #1903681.
    (Closes: #973783)
  * Rework autopkgtests to cover all provided images.

 -- dann frazier <email address hidden>  Sat, 12 Dec 2020 17:57:02 -0700
  • edk2 (2020.08-1) unstable; urgency=medium

  * New upstream release, based on edk2-stable202008 tag.
  * Drop patches merged upstream:
     - d/p/0001-SecurityPkg-DxeImageVerificationLib-extract-SecDataD.patch
     - d/p/0002-SecurityPkg-DxeImageVerificationLib-assign-WinCertif.patch
     - d/p/0003-SecurityPkg-DxeImageVerificationLib-catch-alignment-.patch
  * Drop patch no longer required due to upstream fixes:
     - d/p/no-missing-braces.diff
  * Refresh patch:
     - d/p/no-stack-protector-all-archs.diff

 -- dann frazier <email address hidden>  Mon, 28 Sep 2020 13:40:05 -0600
  • edk2 (2020.05-5) unstable; urgency=medium

  * Update snakeoil keys. Previous one expired 2019-12-01. New one
    expires 2120-08-14.

 -- dann frazier <email address hidden>  Mon, 07 Sep 2020 13:23:29 -0600