Hello community, here is the log from the commit of package ovmf for openSUSE:Factory checked in at 2018-11-18 23:24:10 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/ovmf (Old) and /work/SRC/openSUSE:Factory/.ovmf.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "ovmf" Sun Nov 18 23:24:10 2018 rev:28 rq:649206 version:2018+git1542164568.85588389222a Changes: -------- --- /work/SRC/openSUSE:Factory/ovmf/ovmf.changes 2018-10-15 10:04:33.905979681 +0200 +++ /work/SRC/openSUSE:Factory/.ovmf.new/ovmf.changes 2018-11-18 23:24:34.958033759 +0100 @@ -1,0 +2,152 @@ +Thu Nov 15 07:25:30 UTC 2018 - Gary Ching-Pang Lin <[email protected]> + +- Update to 2018+git1542164568.85588389222a (edk2-stable201811) + + UefiCpuPkg/CommonFeature: Always set FEATURE_CONTROL.Lock + + MdeModulePkg/NvmExpressPei: Refine data buffer & len check in + PassThru + + OvmfPkg/QemuVideoDxe: list "UnalignedIoInternal.h" in the INF + file + + OvmfPkg/QemuVideoDxe: VMWare SVGA device support + + OvmfPkg/QemuVideoDxe: Helper functions for unaligned port I/O + + OvmfPkg: VMWare SVGA display device register definitions + + Fix UEFI and Tiano Decompression logic issue + + MdePkg: Fix incorrect check for DisplayOnly text format in + AcpiEx + + UefiCpuPkg/PiSmmCpuDxeSmm: Separate semaphore container + + UefiCpuPkg/RegisterCpuFeaturesLib: Separate semaphore container + + UefiCpuPkg/RegisterCpuFeaturesLib: Adjust Order + + MdePkg/BaseSynchronizationLib: Fix InternalSync[De|In]crement + + UefiCpuPkg/SmmCpu: Block access-out only when static paging is + used + + MdeModulePkg/Core: fix ineffective guard page issue + + MdeModulePkg/Core: fill logic hole in + MemoryProtectionCpuArchProtocolNotify + + MdeModulePkg/Mtftp4Dxe: Fix invalid configuration of MTFTP + local port + + OvmfPkg: Replace obsoleted network drivers from platform DSC/FDF + + MdePkg/Base.h: Implement BASE_CR() via OFFSET_OF() + + MdeModulePkg/PiSmmIpl: Do not reset SMRAM to UC when CPU driver + runs + + NetworkPkg/TlsDxe: Fix failure to process multiple TLS records + + BaseTools ConvertFceToStructurePcd: Fix the array value with + empty string + + CryptoPkg/BaseCryptLib: Fix potential integer overflow issue + + ArmPkg/OpteeLib: Add APIs to communicate with OP-TEE + + UefiCpuPkg/PiSmmCpuDxeSmm: Fix ASSERT for success + + UefiCpuPkg/MpInitLib: Fix ASSERT for success + + MdeModulePkg/Core: fix an issue of potential NULL pointer access + + NetworkPkg/Mtftp6Dxe: Correct the total received and saved + block number + + MdeModulePke/Mtftp4Dxe: Correct the total received and saved + block number + + MdeModulePkg EhciDxe: Extract new EhciInsertAsyncIntTransfer + function + + MdeModulePkg XhciDxe: Extract new XhciInsertAsyncIntTransfer + function + + BaseTools: Sync the DevicePath Function update from MdePkg + + MdeModulePkg/HiiDB: Make sure database update behaviors are + atomic + + MdeModulePkg/HiiDB: Reorganize codes of exporting HII settings + + UefiCpuPkg/RegisterCpuFeaturesLib: Support combo CPU feature + style + + UefiCpuPkg/RegisterCpuFeaturesLib: Fix ECC issues + + MdeModulePkg/Core: add freed-memory guard feature + + MdeModulePkg/Core: prevent re-acquire GCD memory lock + + UefiCpuPkg/CpuDxe: prevent recursive calling of + InitializePageTablePool + + UefiCpuPkg/CpuDxe: consider freed-memory guard in non-stop mode + + MdeModulePkg: introduce UEFI freed-memory guard bit in HeapGuard + PCD + + MdeModulePkg/NvmExpressDxe: Refine PassThru IO queue creation + behavior + + MdeModulePkg/NvmExpressDxe: Always copy CQ entry to PassThru + packet + + MdeModulePkg/NvmExpressDxe: Refine data buffer & len check in + PassThru + + MdePkg: Handle various device path when optional para is not + specified + + FatPkg: Correct the line ending to CRLF + + MdePkg-BaseLib: Fix PathCleanUpDirectories() issue with + "\\..\\.." + + FatPkg/EnhancedFatDxe Fix Double Cluster Allocation + + FatBinPkg: Remove FatBinPkg and refresh document + + ShellPkg/dmem: Only dump sizeof (EFI_SYSTEM_TABLE) bytes for gST + + MdeModulePkg/UsbMass: Fix USB key write failure + + IntelFrameworkModulePkg: Add more checker in + UefiTianoDecompressLib (CVE FIX) + + MdePkg: Add more checker in UefiDecompressLib to access the + valid buffer only (CVE FIX) + + MdeModulePkg/PartitionDxe: Add check for underlying device + block size + + MdeModulePkg Xhci: Handle value 5 in Port Speed field of PORTSC + + MdeModulePkg XhciDxe: Assign Usb2Hc.XXXRevision based on SBRN + + MdePkg/BaseLib: AsciiStrToUnicodeStr(S) not handle EASCII + properly + + UefiCpuPkg/CpuCommonFeaturesLib: Register MSR base on scope Info + + UefiCpuPkg/CpuS3DataDxe: Keep old data if value already existed + + UefiCpuPkg/PiSmmCpuDxeSmm: Add logic to support semaphore type + + UefiCpuPkg/RegisterCpuFeaturesLib: Add logic to support + semaphore type + + UefiCpuPkg/RegisterCpuFeaturesLib.h: Add new dependence types + + UefiCpuPkg/Include/AcpiCpuData.h: Add Semaphore related + Information + + NetworkPkg/IpSecDxe: Fix issue to parse SA Payload + + NetworkPkg: Correct the time stamp and fix the integer overflow + issue + + NetworkPkg/TlsDxe: Remove the redundant library class + + MdePkg UefiLib: Check Table against NULL in ScanTableInSDT + + MdeModulePkg BrotliDecompressLib: Add the checker to avoid array + out of bound + + UefiCpuPkg/CpuExceptionHandlerLib: always clear descriptor data + in advance + + fix InternalSyncCompareExchange*() + + MdeModulePkg Variable: Fix Timestamp zeroing issue on + APPEND_WRITE + + MdeModulePkg/Bus/Ufs: Ensure device not return more data than + expected + + MdeModulePkg/AbsPointer: Don't access key codes when length is + wrong + + MdeModulePkg BrotliCustomDecompressLib: Don't build it for EBC + arch + + MdeModulePkg RegularExpressionDxe: Enable STDARG for variable + arguments + + MdeModulePkg/RegularExpressionDxe: Miss null pointer check + + MdeModulePkg PcdDxe: ASSERT PcdSetNvStoreDefaultId set + + UefiCpuPkg/S3Resume2Pei: disable paging before creating new + page table + + MdeModulePkg/SdMmcPciHcDxe: Allow additional SDHCI versions + + MdeModulePkg/SdMmcPciHcDxe: Add controller version defines + + MdePkg: Use VENDOR_DEVICE_PATH structure for Debug Port device + path + + ShellPkg-Cd: Ensure all valid cd targets are handled properly + + MdePkg-BaseLib: Fix PathCleanUpDirectories() error involving + "\..\.." + + MdeModulePkg/NonDiscoverablePciDeviceDxe: expose unique B/D/F + identifiers + + MdeModulePkg: Update Brotli DecompressLib to the latest v1.0.6 + + BaseTools: Update Brotli Compress to the latest one 1.0.6 + + MdePkg: Add PciRoot/PcieRoot text for ACPI Expanded Device Path + + MdePkg: Correct condition check for AcpiExp text format + + MdePkg: Correct the string order of ACPI Expanded Device Path + + MdePkg: Correct the string expression of UTF8 vendor device path + + MdeModulePkg/HiiDB: Fix incorrect structure convention for + checkbox + + Lzma: Update LZMA SDK version to 18.05 + + OvmfPkg/PlatformPei: clear CPU caches + + Various BaseTools clean up and fixes + + Various UDF fixes + + Various USB fixes +- Drop upstreamed patches + + ovmf-bsc1115916-fix-timestamp-zeroing.patch + + ovmf-bsc1115917-bounds-checking-for-ueficompress.patch + +------------------------------------------------------------------- +Wed Nov 14 04:17:53 UTC 2018 - Gary Ching-Pang Lin <[email protected]> + +- Add ovmf-bsc1115916-fix-timestamp-zeroing.patch to fix Timestamp + zeroing issue on APPEND_WRITE (bsc#1115916, CVE-2018-3613) +- Add ovmf-bsc1115917-bounds-checking-for-ueficompress.patch for + the bound checking of ueficompress (bsc#1115917, CVE-2017-5731, + CVE-2017-5732, CVE-2017-5733, CVE-2017-5734, CVE-2017-5735) + +------------------------------------------------------------------- Old: ---- ovmf-2018+git1538590187.c0b1f749ef13.tar.xz New: ---- ovmf-2018+git1542164568.85588389222a.tar.xz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ ovmf.spec ++++++ --- /var/tmp/diff_new_pack.KcSO8U/_old 2018-11-18 23:24:36.246032191 +0100 +++ /var/tmp/diff_new_pack.KcSO8U/_new 2018-11-18 23:24:36.250032186 +0100 @@ -12,7 +12,7 @@ # license that conforms to the Open Source Definition (Version 1.9) # published by the Open Source Initiative. -# Please submit bugfixes or comments via http://bugs.opensuse.org/ +# Please submit bugfixes or comments via https://bugs.opensuse.org/ # # needssslcertforbuild @@ -25,7 +25,7 @@ Summary: Open Virtual Machine Firmware License: BSD-2-Clause Group: System/Emulators/PC -Version: 2018+git1538590187.c0b1f749ef13 +Version: 2018+git1542164568.85588389222a Release: 0 Source0: %{name}-%{version}.tar.xz Source1: https://www.openssl.org/source/openssl-%{openssl_version}.tar.gz ++++++ ovmf-2018+git1538590187.c0b1f749ef13.tar.xz -> ovmf-2018+git1542164568.85588389222a.tar.xz ++++++ /work/SRC/openSUSE:Factory/ovmf/ovmf-2018+git1538590187.c0b1f749ef13.tar.xz /work/SRC/openSUSE:Factory/.ovmf.new/ovmf-2018+git1542164568.85588389222a.tar.xz differ: char 27, line 1
