From 4d77ac6798a630bb5444b3f65393ab7afb7a18f1 Mon Sep 17 00:00:00 2001 From: Jon Maloy Date: Fri, 5 Jan 2024 14:54:17 -0500 Subject: [PATCH] * Fri Jan 05 2024 Jon Maloy - 20220126gitbb1bba3d77-8 - edk2-Bumped-openssl-submodule-version-to-cf317b2bb227.patch [RHEL-7560] - Resolves: RHEL-7560 (CVE-2023-3446 edk2: openssl: Excessive time spent checking DH keys and parameters [rhel-8]) --- .gitignore | 1 + edk2.spec | 9 +++++++-- sources | 2 +- 3 files changed, 9 insertions(+), 3 deletions(-) diff --git a/.gitignore b/.gitignore index 3ac7612..edf92da 100644 --- a/.gitignore +++ b/.gitignore @@ -3,3 +3,4 @@ SOURCES/edk2-bb1bba3d77.tar.xz SOURCES/openssl-rhel-d00c3c5b8a9d6d3ea3dabfcafdf36afd61ba8bcc.tar.xz /edk2-bb1bba3d77.tar.xz /openssl-rhel-d00c3c5b8a9d6d3ea3dabfcafdf36afd61ba8bcc.tar.xz +/openssl-rhel-cf317b2bb227899cb2e761b9163210f62cab1b1e.tar.xz diff --git a/edk2.spec b/edk2.spec index 90346e7..ddd23f6 100644 --- a/edk2.spec +++ b/edk2.spec @@ -7,7 +7,7 @@ ExclusiveArch: x86_64 aarch64 Name: edk2 Version: %{GITDATE}git%{GITCOMMIT} -Release: 7%{?dist} +Release: 8%{?dist} Summary: UEFI firmware for 64-bit virtual machines Group: Applications/Emulators License: BSD-2-Clause-Patent and OpenSSL and MIT @@ -19,7 +19,7 @@ URL: http://www.tianocore.org # | xz -9ev >/tmp/edk2-$COMMIT.tar.xz Source0: http://batcave.lab.eng.brq.redhat.com/www/edk2-%{GITCOMMIT}.tar.xz Source1: ovmf-whitepaper-c770f8c.txt -Source2: openssl-rhel-d00c3c5b8a9d6d3ea3dabfcafdf36afd61ba8bcc.tar.xz +Source2: openssl-rhel-cf317b2bb227899cb2e761b9163210f62cab1b1e.tar.xz Source3: ovmf-vars-generator Source4: LICENSE.qosb Source5: RedHatSecureBootPkKek1.pem @@ -504,6 +504,11 @@ true %endif %changelog +* Fri Jan 05 2024 Jon Maloy - 20220126gitbb1bba3d77-8 +- edk2-Bumped-openssl-submodule-version-to-cf317b2bb227.patch [RHEL-7560] +- Resolves: RHEL-7560 + (CVE-2023-3446 edk2: openssl: Excessive time spent checking DH keys and parameters [rhel-8]) + * Wed Nov 22 2023 Miroslav Rezanina - 20220126gitbb1bba3d77-7 - edk2-add-8.6-machine-type-to-edk2-ovmf-cc.json.patch [RHEL-12626] - Resolves: RHEL-12626 diff --git a/sources b/sources index 1f4d8b0..ca406fc 100644 --- a/sources +++ b/sources @@ -1,2 +1,2 @@ SHA512 (edk2-bb1bba3d77.tar.xz) = 3e0deb750d3443f4a2c15a066842e35a05a6dc65ce1869c229a8328d3dba8375949ee3825e16c7fe01bd77516a6717ccbdda1d674a2a862453e5480094c49c4c -SHA512 (openssl-rhel-d00c3c5b8a9d6d3ea3dabfcafdf36afd61ba8bcc.tar.xz) = 4962a8d907f2913b80f72508cc688487cf0b38b1d3cd0c934f5307b236cb96d598af8e936d234de02c227795386045b5d19084a22ac447649a0f2b6c9fe753da +SHA512 (openssl-rhel-cf317b2bb227899cb2e761b9163210f62cab1b1e.tar.xz) = a8b89b7b515f8498ed344b2ec85f04a45ebe3d439c5d6a01c50557e3e72a26c9144dfefa805d581ca3c72ed0715f0e8c865785a84a5f3b0026ce6a09cfd27482