Change logs for edk2 source package in Xenial

  • edk2 (0~20160408.ffea0a2c-2ubuntu0.2) xenial-security; urgency=medium
    
      * Fix integer overflow in DxeImageVerificationHandler. (CVE-2019-14562)
      * CryptoPkg/BaseCryptLib: fix NULL dereference. (CVE-2019-14584)
    
     -- dann frazier <email address hidden>  Tue, 15 Dec 2020 16:38:25 -0700
  • edk2 (0~20160408.ffea0a2c-2ubuntu0.1) xenial; urgency=medium
    
      * Security fixes (LP: #1820764):
        - Fix buffer overflow in BlockIo service (CVE-2018-12180)
        - DNS: Check received packet size before using (CVE-2018-12178)
        - Fix stack overflow with corrupted BMP (CVE-2018-12181)
      * Fix numeric truncation in S3BootScript[Save]*() API. (CVE-2019-14563)
      * Fix use-after-free in PcdHiiOsRuntimeSupport. (CVE-2019-14586)
      * Clear memory before free to avoid potential password leak.
        (CVE-2019-14558)
      * Fix double-unmap in SdMmcCreateTrb(). This did not impact any
        of the images built from this package. (CVE-2019-14587)
      * Fix memory leak in ArpOnFrameRcvdDpc(). (CVE-2019-14559)
      * Fix issue that could allow an efi image with a blacklisted hash in the
        dbx to be loaded. (CVE-2019-14575)
      * Fix a memory leak in the ARP handler. (CVE-2019-14559)
    
     -- dann frazier <email address hidden>  Thu, 16 Apr 2020 09:05:29 -0600
  • edk2 (0~20160408.ffea0a2c-2) unstable; urgency=medium
    
      * Provide split AAVMF_{CODE,VARS}.fd for arm64 in the qemu-efi package,
        for VM-friendly nvram persistence in the same style as Fedora et al.
        and by analogy with the OVMF_{CODE,VARS}.fd on x86.  Thanks to
        William Grant <email address hidden> for the patch.
    
    edk2 (0~20160408.ffea0a2c-1) unstable; urgency=medium
    
      [ dann frazier ]
      * New upstream version.
        - d/p/enable-nvme: Drop; superseded by upstream commit 8ae3832d.
        - d/p/no-missing-braces.diff: Refresh.
        - d/p/FatPkg-AARCH64.diff: Drop; fixed upstream in commit 04a4fdb9.
        - d/p/no-stack-protector-all-archs.diff: Refresh.
        - d/p/arm64-mistrict-align.patch: Drop; superseded by upstream
          commit d764d5984.
      * Move out of non-free as the FAT driver has been replaced with a free
        implementation, Thanks to Microsoft.  Closes: #815618, LP: #1569602.
      * Add SECURE_BOOT_ENABLE flag to aarch64 build to enable support for UEFI
        Secure Boot.  Closes: #819757. Thanks to Linn Crosetto.
    
     -- Steve Langasek <email address hidden>  Sat, 16 Apr 2016 00:30:50 +0000
  • edk2 (0~20160104.c2a892d7-1) unstable; urgency=medium
    
      * New upstream version.
        - Fixes support for kvm GPU passthrough.  Closes: #810163.
        - Adds GICv3 support.  Closes: #810495.
    
      [ dann frazier ]
      * Use GCC49 toolchain for all architectures; the ARMGCC toolchain has
        been dropped upstream.
      * Supersede debian/patches/arm64-no-expensive-optimizations.patch
        with debian/patches/arm64-mstrict-align.patch.  Closes LP: #1489460.
    
     -- Steve Langasek <email address hidden>  Thu, 28 Jan 2016 01:35:30 +0000
  • edk2 (0~20150106.5c2d456b-2) unstable; urgency=medium
    
      [ Steve Langasek ]
      * Build-depend on gcc-aarch64-linux-gnu and make qemu-efi an Arch: all
        package.
      * Ship OVMF_CODE.fd and OVMF_VARS.fd for proper EFI variable support.
        Closes: #764918.  Continue shipping OVMF.fd too for now, for
        compatibility.
    
      [ dann frazier ]
      * qemu-efi: Switch to Intel BDS. This supports a fallback to the removable
        media path (i.e. \EFI\BOOT\BOOTaa64.EFI) as required by the Linaro VM
        Specification.  Closes: #796928.
      * debian/patches/arm64-no-expensive-optimizations.patch: Workaround
        ARM64 compiler issue by disabling certain optimizations.
        Closes: LP #1489560
    
     -- Steve Langasek <email address hidden>  Thu, 03 Sep 2015 22:08:41 +0000