Thank you. I will update title when push this change.
> -----Original Message----- > From: Laszlo Ersek [mailto:[email protected]] > Sent: Tuesday, October 23, 2018 6:32 PM > To: Gao, Liming <[email protected]>; [email protected] > Subject: Re: [edk2] [PATCH v2 0/3] Add more checker for Tianocompress and > Ueficompress(CVE FIX) > > Hi Liming, > > On 10/22/18 17:18, Liming Gao wrote: > > In V2, update commit message with fixed CVE number. > > > > Fix CVE-2017-5731,CVE-2017-5732,CVE-2017-5733,CVE-2017-5734,CVE-2017-5735 > > https://bugzilla.tianocore.org/show_bug.cgi?id=686 > > > > Liming Gao (3): > > MdePkg: Add more checker in UefiDecompressLib to access the valid > > buffer only(CVE FIX) > > IntelFrameworkModulePkg: Add more checker in > > UefiTianoDecompressLib(CVE FIX) > > BaseTools: Add more checker in Decompress algorithm to access the > > valid buffer(CVE FIX) > > > > BaseTools/Source/C/Common/Decompress.c | 23 +++++++++++++++++-- > > BaseTools/Source/C/TianoCompress/TianoCompress.c | 26 > > +++++++++++++++++++++- > > .../BaseUefiTianoCustomDecompressLib.c | 16 +++++++++++-- > > .../BaseUefiDecompressLib/BaseUefiDecompressLib.c | 17 ++++++++++++-- > > 4 files changed, 75 insertions(+), 7 deletions(-) > > > > in the subject lines, please add a space character before the string > "(CVE FIX)". This can be done before pushing, of course. > > I haven't reviewed the patches for correctness, but formally, they look > OK to me. I'm ACKing the set to confirm that. Thanks for the commit > message updates. > > Acked-by: Laszlo Ersek <[email protected]> > > Laszlo _______________________________________________ edk2-devel mailing list [email protected] https://lists.01.org/mailman/listinfo/edk2-devel
