import edk2-20220126gitbb1bba3d77-4.el8
This commit is contained in:
CentOS Sources
root
parent
9d13c29e10
commit
03568541f8
@ -1,2 +1,3 @@
|
||||
fdcb04021414cdd5a7e286058ca36aca359d323d SOURCES/RedHatSecureBootPkKek1.pem
|
||||
ae830c7278f985cb25e90f4687b46c8b22316bef SOURCES/edk2-bb1bba3d77.tar.xz
|
||||
50747c8a7bb55619b69e95683c7c4172d52d1974 SOURCES/openssl-rhel-740e53ace8f6771c205bf84780e26bcd7a3275df.tar.xz
|
||||
df2e14a45d968b590194d82736fcbfe2be10d1b0 SOURCES/openssl-rhel-d00c3c5b8a9d6d3ea3dabfcafdf36afd61ba8bcc.tar.xz
|
||||
|
||||
3
.gitignore
vendored
3
.gitignore
vendored
@ -1,2 +1,3 @@
|
||||
SOURCES/RedHatSecureBootPkKek1.pem
|
||||
SOURCES/edk2-bb1bba3d77.tar.xz
|
||||
SOURCES/openssl-rhel-740e53ace8f6771c205bf84780e26bcd7a3275df.tar.xz
|
||||
SOURCES/openssl-rhel-d00c3c5b8a9d6d3ea3dabfcafdf36afd61ba8bcc.tar.xz
|
||||
|
||||
@ -1,22 +0,0 @@
|
||||
-----BEGIN CERTIFICATE-----
|
||||
MIIDoDCCAoigAwIBAgIJAP71iOjzlsDxMA0GCSqGSIb3DQEBCwUAMFExKzApBgNV
|
||||
BAMTIlJlZCBIYXQgU2VjdXJlIEJvb3QgKFBLL0tFSyBrZXkgMSkxIjAgBgkqhkiG
|
||||
9w0BCQEWE3NlY2FsZXJ0QHJlZGhhdC5jb20wHhcNMTQxMDMxMTExNTM3WhcNMzcx
|
||||
MDI1MTExNTM3WjBRMSswKQYDVQQDEyJSZWQgSGF0IFNlY3VyZSBCb290IChQSy9L
|
||||
RUsga2V5IDEpMSIwIAYJKoZIhvcNAQkBFhNzZWNhbGVydEByZWRoYXQuY29tMIIB
|
||||
IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkB+Ee42865cmgm2Iq4rJjGhw
|
||||
+d9LB7I3gwsCyGdoMJ7j8PCZSrhZV8ZB9jiL/mZMSek3N5IumAEeWxRQ5qiNJQ31
|
||||
huarMMtAFuqNixaGcEM38s7Akd9xFI6ZDom2TG0kHozkL08l0LoG+MboGRh2cx2B
|
||||
bajYBc86yHsoyDajFg0pjJmaaNyrwE2Nv1q7K6k5SwSXHPk2u8U6hgSur9SCe+Cr
|
||||
3kkFaPz2rmgabJBNVxk8ZGYD9sdSm/eUz5NqoWjJqs+Za7yqXgjnORz3+A+6Bn7x
|
||||
y+h23f4i2q06Xls06rPJ4E0EKX64YLkF77XZF1hWFmC5MDLwNkrD8nmNEkBw8wID
|
||||
AQABo3sweTAJBgNVHRMEAjAAMCwGCWCGSAGG+EIBDQQfFh1PcGVuU1NMIEdlbmVy
|
||||
YXRlZCBDZXJ0aWZpY2F0ZTAdBgNVHQ4EFgQUPOlg4/8ZoQp7o0L0jUIutNWccuww
|
||||
HwYDVR0jBBgwFoAUPOlg4/8ZoQp7o0L0jUIutNWccuwwDQYJKoZIhvcNAQELBQAD
|
||||
ggEBAFxNkoi0gl8drYsR7N8GpnqlK583VQyNbgUArbcMQYlpz9ZlBptReNKtx7+c
|
||||
3AVzf+ceORO06rYwfUB1q5xDC9+wwhu/MOD0/sDbYiGY9sWv3jtPSQrmHvmGsD8N
|
||||
1tRGN9tUdF7/EcJgxnBYxRxv7LLYbm/DvDOHOKTzRGScNDsolCZ4J58WF+g7aQol
|
||||
qXM2fp43XOzoP9uR+RKzPc7n3RXDrowFIGGbld6br/qxXBzll+fDNBGF9YonJqRw
|
||||
NuwM9oM9kPc28/nzFdSQYr5TtK/TSa/v9HPoe3bkRCo3uoGkmQw6MSRxoOTktxrL
|
||||
R+SqIs/vdWGA40O3SFdzET14m2k=
|
||||
-----END CERTIFICATE-----
|
||||
@ -0,0 +1,42 @@
|
||||
From ec7ff1612b2f5b0075545dc705b7c2610ec83748 Mon Sep 17 00:00:00 2001
|
||||
From: Gerd Hoffmann <kraxel@redhat.com>
|
||||
Date: Fri, 10 Feb 2023 11:43:06 +0100
|
||||
Subject: [PATCH 2/2] rh openssl: add crypto/bn/rsa_sup_mul.c to file list
|
||||
|
||||
RH-Author: Gerd Hoffmann <kraxel@redhat.com>
|
||||
RH-MergeRequest: 21: openssl update
|
||||
RH-Bugzilla: 2164531 2164543 2164558 2164581
|
||||
RH-Acked-by: Miroslav Rezanina <mrezanin@redhat.com>
|
||||
RH-Commit: [2/2] 61acf48e337f04b34c4f309241775b204ae2e54f (kraxel/rhel-edk-2)
|
||||
---
|
||||
CryptoPkg/Library/OpensslLib/OpensslLib.inf | 1 +
|
||||
CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf | 1 +
|
||||
2 files changed, 2 insertions(+)
|
||||
|
||||
diff --git a/CryptoPkg/Library/OpensslLib/OpensslLib.inf b/CryptoPkg/Library/OpensslLib/OpensslLib.inf
|
||||
index 19913a4ac6..4eaa8a756d 100644
|
||||
--- a/CryptoPkg/Library/OpensslLib/OpensslLib.inf
|
||||
+++ b/CryptoPkg/Library/OpensslLib/OpensslLib.inf
|
||||
@@ -571,6 +571,7 @@
|
||||
$(OPENSSL_PATH)/ssl/statem/statem_local.h
|
||||
# Autogenerated files list ends here
|
||||
# RHEL8-specific OpenSSL file list starts here
|
||||
+ $(OPENSSL_PATH)/crypto/bn/rsa_sup_mul.c
|
||||
$(OPENSSL_PATH)/crypto/evp/kdf_lib.c
|
||||
$(OPENSSL_PATH)/crypto/evp/pkey_kdf.c
|
||||
$(OPENSSL_PATH)/crypto/kdf/kbkdf.c
|
||||
diff --git a/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf b/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf
|
||||
index 5057857e8d..eec4771f2c 100644
|
||||
--- a/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf
|
||||
+++ b/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf
|
||||
@@ -520,6 +520,7 @@
|
||||
$(OPENSSL_PATH)/crypto/x509v3/v3_admis.h
|
||||
# Autogenerated files list ends here
|
||||
# RHEL8-specific OpenSSL file list starts here
|
||||
+ $(OPENSSL_PATH)/crypto/bn/rsa_sup_mul.c
|
||||
$(OPENSSL_PATH)/crypto/evp/kdf_lib.c
|
||||
$(OPENSSL_PATH)/crypto/evp/pkey_kdf.c
|
||||
$(OPENSSL_PATH)/crypto/kdf/kbkdf.c
|
||||
--
|
||||
2.37.3
|
||||
|
||||
@ -7,7 +7,7 @@ ExclusiveArch: x86_64 aarch64
|
||||
|
||||
Name: edk2
|
||||
Version: %{GITDATE}git%{GITCOMMIT}
|
||||
Release: 3%{?dist}
|
||||
Release: 4%{?dist}
|
||||
Summary: UEFI firmware for 64-bit virtual machines
|
||||
Group: Applications/Emulators
|
||||
License: BSD-2-Clause-Patent and OpenSSL and MIT
|
||||
@ -19,7 +19,7 @@ URL: http://www.tianocore.org
|
||||
# | xz -9ev >/tmp/edk2-$COMMIT.tar.xz
|
||||
Source0: http://batcave.lab.eng.brq.redhat.com/www/edk2-%{GITCOMMIT}.tar.xz
|
||||
Source1: ovmf-whitepaper-c770f8c.txt
|
||||
Source2: openssl-rhel-740e53ace8f6771c205bf84780e26bcd7a3275df.tar.xz
|
||||
Source2: openssl-rhel-d00c3c5b8a9d6d3ea3dabfcafdf36afd61ba8bcc.tar.xz
|
||||
Source3: ovmf-vars-generator
|
||||
Source4: LICENSE.qosb
|
||||
Source5: RedHatSecureBootPkKek1.pem
|
||||
@ -51,6 +51,11 @@ Patch0025: 0025-OvmfPkg-QemuKernelLoaderFsDxe-suppress-error-on-no-k.patch
|
||||
Patch0026: 0026-SecurityPkg-Tcg2Dxe-suppress-error-on-no-swtpm-in-si.patch
|
||||
# For bz#2112307 - Mark SEV launch secret area as reserved
|
||||
Patch27: edk2-OvmfPkg-AmdSev-SecretPei-Mark-SEV-launch-secret-area.patch
|
||||
# For bz#2164531 - CVE-2023-0286 edk2: openssl: X.400 address type confusion in X.509 GeneralName [rhel-8]
|
||||
# For bz#2164543 - CVE-2022-4304 edk2: openssl: timing attack in RSA Decryption implementation [rhel-8]
|
||||
# For bz#2164558 - CVE-2023-0215 edk2: openssl: use-after-free following BIO_new_NDEF [rhel-8]
|
||||
# For bz#2164581 - CVE-2022-4450 edk2: openssl: double free after calling PEM_read_bio_ex [rhel-8]
|
||||
Patch28: edk2-rh-openssl-add-crypto-bn-rsa_sup_mul.c-to-file-list.patch
|
||||
|
||||
|
||||
# python3-devel and libuuid-devel are required for building tools.
|
||||
@ -495,6 +500,18 @@ true
|
||||
%endif
|
||||
|
||||
%changelog
|
||||
* Wed Feb 15 2023 Jon Maloy <jmaloy@redhat.com> - 20220126gitbb1bba3d77-4
|
||||
- edk2-openssl-update.patch [bz#2164531 bz#2164543 bz#2164558 bz#2164581]
|
||||
- edk2-rh-openssl-add-crypto-bn-rsa_sup_mul.c-to-file-list.patch [bz#2164531 bz#2164543 bz#2164558 bz#2164581]
|
||||
- Resolves: bz#2164531
|
||||
(CVE-2023-0286 edk2: openssl: X.400 address type confusion in X.509 GeneralName [rhel-8])
|
||||
- Resolves: bz#2164543
|
||||
(CVE-2022-4304 edk2: openssl: timing attack in RSA Decryption implementation [rhel-8])
|
||||
- Resolves: bz#2164558
|
||||
(CVE-2023-0215 edk2: openssl: use-after-free following BIO_new_NDEF [rhel-8])
|
||||
- Resolves: bz#2164581
|
||||
(CVE-2022-4450 edk2: openssl: double free after calling PEM_read_bio_ex [rhel-8])
|
||||
|
||||
* Tue Aug 02 2022 Camilla Conte <cconte@redhat.com> - 20220126gitbb1bba3d77-3
|
||||
- Bumping OpenSSL version [bz# 2074834]
|
||||
- Resolves: bz# 2074834
|
||||
|
||||
Loading…
Reference in New Issue
Block a user