[edk2-devel] [PATCH 0/6] SECURITY PATCHES TCBZ4117 & TCBZ4118

Fri, 12 Jan 2024 11:16:05 -0800 

This patch series include the combined / merged security patches
(as seperate commits) for TCBZ4117 (CVE-2022-36763) and TCBZ4118
(CVE-2022-36764) for DxeTpm2MeasureBootLib and DxeTpmMeasureBootLib.
These patches have already been reviewed by SecurityPkg Maintainer
(Jiewen) on GHSA. 

This patch series (specifically TCBZ4117) supersedes TCBZ2168.

Cc: Jiewen Yao <jiewen....@intel.com>

Douglas Flick [MSFT] (6):
  SecurityPkg: DxeTpm2MeasureBootLib: SECURITY PATCH 4117 - CVE
    2022-36763
  SecurityPkg: DxeTpmMeasureBootLib: SECURITY PATCH 4117 - CVE
    2022-36763
  SecurityPkg: : Adding CVE 2022-36763 to SecurityFixes.yaml
  SecurityPkg: DxeTpm2MeasureBootLib: SECURITY PATCH 4118 - CVE
    2022-36764
  SecurityPkg: DxeTpmMeasureBootLib: SECURITY PATCH 4118 - CVE
    2022-36764
  SecurityPkg: : Adding CVE 2022-36764 to SecurityFixes.yaml

 SecurityPkg/Test/SecurityPkgHostTest.dsc      |   2 +
 .../DxeTpm2MeasureBootLib.inf                 |   4 +-
 ...Tpm2MeasureBootLibSanitizationTestHost.inf |  28 ++
 .../DxeTpmMeasureBootLib.inf                  |   4 +-
 ...eTpmMeasureBootLibSanitizationTestHost.inf |  28 ++
 .../DxeTpm2MeasureBootLibSanitization.h       | 139 +++++++
 .../DxeTpmMeasureBootLibSanitization.h        | 137 +++++++
 .../DxeTpm2MeasureBootLib.c                   |  87 ++--
 .../DxeTpm2MeasureBootLibSanitization.c       | 319 +++++++++++++++
 .../DxeTpm2MeasureBootLibSanitizationTest.c   | 345 ++++++++++++++++
 .../DxeTpmMeasureBootLib.c                    |  53 ++-
 .../DxeTpmMeasureBootLibSanitization.c        | 285 +++++++++++++
 .../DxeTpmMeasureBootLibSanitizationTest.c    | 387 ++++++++++++++++++
 SecurityPkg/SecurityFixes.yaml                |  36 ++
 SecurityPkg/SecurityPkg.ci.yaml               |   2 +
 15 files changed, 1801 insertions(+), 55 deletions(-)
 create mode 100644 
SecurityPkg/Library/DxeTpm2MeasureBootLib/InternalUnitTest/DxeTpm2MeasureBootLibSanitizationTestHost.inf
 create mode 100644 
SecurityPkg/Library/DxeTpmMeasureBootLib/InternalUnitTest/DxeTpmMeasureBootLibSanitizationTestHost.inf
 create mode 100644 
SecurityPkg/Library/DxeTpm2MeasureBootLib/DxeTpm2MeasureBootLibSanitization.h
 create mode 100644 
SecurityPkg/Library/DxeTpmMeasureBootLib/DxeTpmMeasureBootLibSanitization.h
 create mode 100644 
SecurityPkg/Library/DxeTpm2MeasureBootLib/DxeTpm2MeasureBootLibSanitization.c
 create mode 100644 
SecurityPkg/Library/DxeTpm2MeasureBootLib/InternalUnitTest/DxeTpm2MeasureBootLibSanitizationTest.c
 create mode 100644 
SecurityPkg/Library/DxeTpmMeasureBootLib/DxeTpmMeasureBootLibSanitization.c
 create mode 100644 
SecurityPkg/Library/DxeTpmMeasureBootLib/InternalUnitTest/DxeTpmMeasureBootLibSanitizationTest.c
 create mode 100644 SecurityPkg/SecurityFixes.yaml

-- 
2.43.0


-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#113756): https://edk2.groups.io/g/devel/message/113756
Mute This Topic: https://groups.io/mt/103675434/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Reply via email to