[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Bug 1852196] Re: update edk2 submodule & binaries to edk2-stable202008
From: |
Laszlo Ersek (Red Hat) |
Subject: |
[Bug 1852196] Re: update edk2 submodule & binaries to edk2-stable202008 |
Date: |
Tue, 08 Sep 2020 07:47:23 -0000 |
** Description changed:
- edk2-stable202005 has been tagged:
+ Consume the following upstream edk2 releases:
- https://github.com/tianocore/tianocore.github.io/wiki/EDK-II-Release-
- Planning
+ https://github.com/tianocore/edk2/releases/tag/edk2-stable201908
+ https://github.com/tianocore/edk2/releases/tag/edk2-stable201911
+ https://github.com/tianocore/edk2/releases/tag/edk2-stable202002
+ https://github.com/tianocore/edk2/releases/tag/edk2-stable202005
+ https://github.com/tianocore/edk2/releases/tag/edk2-stable202008
- https://github.com/tianocore/edk2/releases/tag/edk2-stable202005
+ Worth mentioning (in random order):
- Relevant fixes / features in edk2, since edk2-stable201905 (which is
- what QEMU bundles at the moment, from LP#1831477):
+ - various CVE fixes [*]
+ - OpenSSL-1.1.1g
+ - UEFI HTTPS Boot for ARM/AARCH64
+ - TPM2 for ARM/AARCH64
+ - VCPU hotplug with SMI
+ - support for Linux v5.7+ initrd and mixed mode loading
+ - Fusion-MPT SCSI driver in OVMF
+ - VMware PVSCSI driver in OVMF
+ - PXEv4 / PXEv6 boot possible to disable on the QEMU command line
+ - SEV-ES support
- - enable UEFI HTTPS Boot in ArmVirtQemu* platforms
- https://bugzilla.tianocore.org/show_bug.cgi?id=1009
- (this is from edk2-stable201908)
+ [*] the below list has been collected simply from the subject lines in
+ commit range edk2-stable201905..edk2-stable202008:
- - fix CVE-2019-14553 (Invalid server certificate accepted in HTTPS Boot)
- https://bugzilla.tianocore.org/show_bug.cgi?id=960
+ CVE-2019-11098 CVE-2019-14553 CVE-2019-14558 CVE-2019-14559
+ CVE-2019-14562 CVE-2019-14563 CVE-2019-14575 CVE-2019-14586
+ CVE-2019-14587
- - consume OpenSSL-1.1.1d, for fixing CVE-2019-1543, CVE-2019-1552 and
- CVE-2019-1563
- https://bugzilla.tianocore.org/show_bug.cgi?id=2226
+ (Note that any given CVE from the above list may or may not affect the
+ firmware binaries packaged with upstream QEMU; consult the upstream
+ TianoCore bug tracker at <https://bugzilla.tianocore.org/> for details.)
--
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1852196
Title:
update edk2 submodule & binaries to edk2-stable202008
Status in QEMU:
In Progress
Bug description:
Consume the following upstream edk2 releases:
https://github.com/tianocore/edk2/releases/tag/edk2-stable201908
https://github.com/tianocore/edk2/releases/tag/edk2-stable201911
https://github.com/tianocore/edk2/releases/tag/edk2-stable202002
https://github.com/tianocore/edk2/releases/tag/edk2-stable202005
https://github.com/tianocore/edk2/releases/tag/edk2-stable202008
Worth mentioning (in random order):
- various CVE fixes [*]
- OpenSSL-1.1.1g
- UEFI HTTPS Boot for ARM/AARCH64
- TPM2 for ARM/AARCH64
- VCPU hotplug with SMI
- support for Linux v5.7+ initrd and mixed mode loading
- Fusion-MPT SCSI driver in OVMF
- VMware PVSCSI driver in OVMF
- PXEv4 / PXEv6 boot possible to disable on the QEMU command line
- SEV-ES support
[*] the below list has been collected simply from the subject lines in
commit range edk2-stable201905..edk2-stable202008:
CVE-2019-11098 CVE-2019-14553 CVE-2019-14558 CVE-2019-14559
CVE-2019-14562 CVE-2019-14563 CVE-2019-14575 CVE-2019-14586
CVE-2019-14587
(Note that any given CVE from the above list may or may not affect the
firmware binaries packaged with upstream QEMU; consult the upstream
TianoCore bug tracker at <https://bugzilla.tianocore.org/> for details.)
To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/1852196/+subscriptions