** Description changed: - edk2-stable202005 has been tagged: + Consume the following upstream edk2 releases: - https://github.com/tianocore/tianocore.github.io/wiki/EDK-II-Release- - Planning + https://github.com/tianocore/edk2/releases/tag/edk2-stable201908 + https://github.com/tianocore/edk2/releases/tag/edk2-stable201911 + https://github.com/tianocore/edk2/releases/tag/edk2-stable202002 + https://github.com/tianocore/edk2/releases/tag/edk2-stable202005 + https://github.com/tianocore/edk2/releases/tag/edk2-stable202008 - https://github.com/tianocore/edk2/releases/tag/edk2-stable202005 + Worth mentioning (in random order): - Relevant fixes / features in edk2, since edk2-stable201905 (which is - what QEMU bundles at the moment, from LP#1831477): + - various CVE fixes [*] + - OpenSSL-1.1.1g + - UEFI HTTPS Boot for ARM/AARCH64 + - TPM2 for ARM/AARCH64 + - VCPU hotplug with SMI + - support for Linux v5.7+ initrd and mixed mode loading + - Fusion-MPT SCSI driver in OVMF + - VMware PVSCSI driver in OVMF + - PXEv4 / PXEv6 boot possible to disable on the QEMU command line + - SEV-ES support - - enable UEFI HTTPS Boot in ArmVirtQemu* platforms - https://bugzilla.tianocore.org/show_bug.cgi?id=1009 - (this is from edk2-stable201908) + [*] the below list has been collected simply from the subject lines in + commit range edk2-stable201905..edk2-stable202008: - - fix CVE-2019-14553 (Invalid server certificate accepted in HTTPS Boot) - https://bugzilla.tianocore.org/show_bug.cgi?id=960 + CVE-2019-11098 CVE-2019-14553 CVE-2019-14558 CVE-2019-14559 + CVE-2019-14562 CVE-2019-14563 CVE-2019-14575 CVE-2019-14586 + CVE-2019-14587 - - consume OpenSSL-1.1.1d, for fixing CVE-2019-1543, CVE-2019-1552 and - CVE-2019-1563 - https://bugzilla.tianocore.org/show_bug.cgi?id=2226 + (Note that any given CVE from the above list may or may not affect the + firmware binaries packaged with upstream QEMU; consult the upstream + TianoCore bug tracker at <https://bugzilla.tianocore.org/> for details.)
-- You received this bug notification because you are a member of qemu- devel-ml, which is subscribed to QEMU. https://bugs.launchpad.net/bugs/1852196 Title: update edk2 submodule & binaries to edk2-stable202008 Status in QEMU: In Progress Bug description: Consume the following upstream edk2 releases: https://github.com/tianocore/edk2/releases/tag/edk2-stable201908 https://github.com/tianocore/edk2/releases/tag/edk2-stable201911 https://github.com/tianocore/edk2/releases/tag/edk2-stable202002 https://github.com/tianocore/edk2/releases/tag/edk2-stable202005 https://github.com/tianocore/edk2/releases/tag/edk2-stable202008 Worth mentioning (in random order): - various CVE fixes [*] - OpenSSL-1.1.1g - UEFI HTTPS Boot for ARM/AARCH64 - TPM2 for ARM/AARCH64 - VCPU hotplug with SMI - support for Linux v5.7+ initrd and mixed mode loading - Fusion-MPT SCSI driver in OVMF - VMware PVSCSI driver in OVMF - PXEv4 / PXEv6 boot possible to disable on the QEMU command line - SEV-ES support [*] the below list has been collected simply from the subject lines in commit range edk2-stable201905..edk2-stable202008: CVE-2019-11098 CVE-2019-14553 CVE-2019-14558 CVE-2019-14559 CVE-2019-14562 CVE-2019-14563 CVE-2019-14575 CVE-2019-14586 CVE-2019-14587 (Note that any given CVE from the above list may or may not affect the firmware binaries packaged with upstream QEMU; consult the upstream TianoCore bug tracker at <https://bugzilla.tianocore.org/> for details.) To manage notifications about this bug go to: https://bugs.launchpad.net/qemu/+bug/1852196/+subscriptions
