Hello community, here is the log from the commit of package ovmf for openSUSE:Factory checked in at 2019-12-07 15:15:50 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/ovmf (Old) and /work/SRC/openSUSE:Factory/.ovmf.new.4691 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "ovmf" Sat Dec 7 15:15:50 2019 rev:40 rq:753074 version:201911 Changes: -------- --- /work/SRC/openSUSE:Factory/ovmf/ovmf.changes 2019-11-08 15:23:45.434869808 +0100 +++ /work/SRC/openSUSE:Factory/.ovmf.new.4691/ovmf.changes 2019-12-07 15:17:42.171776174 +0100 @@ -1,0 +2,68 @@ +Tue Dec 3 02:35:19 UTC 2019 - Gary Ching-Pang Lin <g...@suse.com> + +- Update to edk2-stable201911 + + SecurityPkg: Fix TPM2 ACPI measurement + + MdeModulePkg: Enable variable runtime cache by default + + OvmfPkg: Disable variable runtime cache + + MdeModulePkg/Variable: Add RT GetVariable() cache support + + CryptoPkg: Upgrade OpenSSL to 1.1.1d + + MdePkg-UefiSpec.h: Add UEFI 2.8 new memory attributes + + MdePkg/UefiFileHandleLib: Fix potential NULL dereference + + NetworkPkg/HttpDxe: Set the HostName for the verification + (CVE-2019-14553) + + NetworkPkg/TlsDxe: Add the support of host validation to TlsDxe + driver (CVE-2019-14553) + + CryptoPkg/TlsLib: TlsSetVerifyHost: parse IP address literals + as such (CVE-2019-14553) + + CryptoPkg/TlsLib: Add the new API "TlsSetVerifyHost" + (CVE-2019-14553) + + MdePkg/Include/Protocol/Tls.h: Add the data type of + EfiTlsVerifyHost (CVE-2019-14553) + + MdeModulePkg/BdsDxe: Fix PlatformRecovery issue + + NetworkPkg/SnpDxe: Add PCD to remove ExitBootServices event + from SNP driver + + MdeModulePkg: Update to support SmBios 3.3.0 + + UefiCpuPkg/MpInitLib: honor the platform's boot CPU count in AP + detection + + SecurityPkg/Tcg2: Add Support Laml, Lasa for TPM2 ACPI + + OvmfPkg/PlatformDxe: fix EFI_HII_HANDLE parameters of internal + functions + + OvmfPkg/VirtioNetDxe: fix SignalEvent() call + + OvmfPkg/XenBusDxe: fix UninstallMultipleProtocolInterfaces() + call + + NetworkPkg/Ip4Dxe: fix NetLibDestroyServiceChild() call + + MdeModulePkg/ScsiDiskDxe: Support Storage Security Command + Protocol + + MdePkg: Implement SCSI commands for Security Protocol In/Out + + MdeModulePkg/TerminalDxe: Enhance the arrow keys support + + MdeModulePkg/UefiBootManager: Unload image on + EFI_SECURITY_VIOLATION + + MdeModulePkg/DxeCapsuleLibFmp: Unload image on + EFI_SECURITY_VIOLATION + + MdeModulePkg: Extend the support keyboard type of Terminal + console + + UefiCpuPkg/CpuExceptionHandlerLib: Fix split lock + + UefiCpuPkg: Fix potential spinLock issue in SmmStartupThisAp + + UefiCpuPkg/PiSmmCpu: Enable 5L paging only when phy addr line + > 48 + + OvmfPkg/EnrollDefaultKeys: clean up Base64Decode() retval + handling + + ArmVirtPkg/PlatformBootManagerLib: unload image on + EFI_SECURITY_VIOLATION + + ShellPkg/ShellPkg.dsc AARCH64: enable stack protector + + ArmVirtPkg/ArmVirtPrePiUniCoreRelocatable: revert to PIE + linking + + BaseTools/GenFw AARCH64: fix up GOT based relative relocations + + ShellPkg/Pci.c: Update supported link speed to PCI5.0 + + PcAtChipsetPkg: add PcdRealTimeClockUpdateTimeout + + UefiCpuPkg: Add PcdCpuSmmRestrictedMemoryAccess + + ShellPkg/CommandLib: avoid NULL derefence and memory leak + + MdePkg/DxeHstiLib: Added checks to improve error handling + + BaseTools: Support more file types in build cache + + UefiCpuPkg/SecCore: get AllSecPpiList after SecPlatformMain +- Update openssl to 1.1.1d + + Add openssl-fix-syntax-error.patch to fix a syntax error +- Drop ovmf-bsc1153072-fix-invalid-https-cert.patch + + Already upstreamed + +------------------------------------------------------------------- Old: ---- edk2-stable201908.tar.gz openssl-1.1.1b.tar.gz openssl-1.1.1b.tar.gz.asc ovmf-bsc1153072-fix-invalid-https-cert.patch New: ---- edk2-stable201911.tar.gz openssl-1.1.1d.tar.gz openssl-1.1.1d.tar.gz.asc openssl-fix-syntax-error.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ ovmf.spec ++++++ --- /var/tmp/diff_new_pack.b7wBZ5/_old 2019-12-07 15:17:47.331775444 +0100 +++ /var/tmp/diff_new_pack.b7wBZ5/_new 2019-12-07 15:17:47.367775439 +0100 @@ -1,7 +1,7 @@ # # spec file for package ovmf # -# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2019 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -20,15 +20,15 @@ %define secureboot_archs x86_64 aarch64 %undefine _build_create_debug -%global openssl_version 1.1.1b +%global openssl_version 1.1.1d %global softfloat_version b64af41c3276f Name: ovmf -Url: http://sourceforge.net/apps/mediawiki/tianocore/index.php?title=EDK2 +URL: http://sourceforge.net/apps/mediawiki/tianocore/index.php?title=EDK2 Summary: Open Virtual Machine Firmware License: BSD-2-Clause-Patent Group: System/Emulators/PC -Version: 201908 +Version: 201911 Release: 0 Source0: https://github.com/tianocore/edk2/archive/edk2-stable%{version}.tar.gz Source1: https://www.openssl.org/source/openssl-%{openssl_version}.tar.gz @@ -49,7 +49,7 @@ Patch3: %{name}-pie.patch Patch4: %{name}-disable-ia32-firmware-piepic.patch Patch5: %{name}-set-fixed-enroll-time.patch -Patch6: %{name}-bsc1153072-fix-invalid-https-cert.patch +Patch6: openssl-fix-syntax-error.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildRequires: bc BuildRequires: fdupes @@ -172,11 +172,11 @@ %patch3 -p1 %patch4 -p1 %patch5 -p1 -%patch6 -p1 # add openssl pushd CryptoPkg/Library/OpensslLib/openssl tar -xf %{SOURCE1} --strip 1 +%patch6 -p1 popd # add berkeley-softfloat-3 ++++++ edk2-stable201908.tar.gz -> edk2-stable201911.tar.gz ++++++ /work/SRC/openSUSE:Factory/ovmf/edk2-stable201908.tar.gz /work/SRC/openSUSE:Factory/.ovmf.new.4691/edk2-stable201911.tar.gz differ: char 12, line 1 ++++++ openssl-1.1.1b.tar.gz -> openssl-1.1.1d.tar.gz ++++++ /work/SRC/openSUSE:Factory/ovmf/openssl-1.1.1b.tar.gz /work/SRC/openSUSE:Factory/.ovmf.new.4691/openssl-1.1.1d.tar.gz differ: char 5, line 1 ++++++ openssl-fix-syntax-error.patch ++++++ >From c3656cc594daac8167721dde7220f0e59ae146fc Mon Sep 17 00:00:00 2001 From: "Dr. Matthias St. Pierre" <matthias.st.pie...@ncp-e.com> Date: Wed, 11 Sep 2019 10:25:43 +0200 Subject: [PATCH] crypto/threads_none.c: fix syntax error in openssl_get_fork_id() Fixes #9858 Reviewed-by: Matt Caswell <m...@openssl.org> (Merged from https://github.com/openssl/openssl/pull/9860) --- crypto/threads_none.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/crypto/threads_none.c b/crypto/threads_none.c index aabf0e0dc0..aaaaae872a 100644 --- a/crypto/threads_none.c +++ b/crypto/threads_none.c @@ -143,7 +143,7 @@ int openssl_get_fork_id(void) # if defined(OPENSSL_SYS_UNIX) return getpid(); # else - return return 0; + return 0; # endif } #endif -- 2.24.0