Miroslav Rezanina
1f7f098145
* Mon Dec 09 2024 Miroslav Rezanina <mrezanin@redhat.com> - 20241117-1
...
- Update to edk2-stable202411
- Resolves: RHEL-58063
([edk2,rhel-9] rebase to edk2-stable202411)
2024-12-09 04:44:56 -05:00
Jon Maloy
82b18a9dd1
* Fri Nov 22 2024 Jon Maloy <jmaloy@redhat.com> - 20240524-10
...
- edk2-OvmfPkg-Rerun-dispatcher-after-initializing-virtio-r.patch [RHEL-58631]
- Resolves: RHEL-58631
([Regression] HTTP Boot fails to work with edk2-ovmf-20231122-6.el9_4.2 and greater)
2024-11-22 12:29:42 -05:00
Miroslav Rezanina
0ba5955357
* Mon Nov 11 2024 Miroslav Rezanina <mrezanin@redhat.com> - 20240524-9
...
- edk2-OvmfPkg-ArmVirtPkg-Add-a-Fallback-RNG-RH-only.patch [RHEL-66230]
- Resolves: RHEL-66230
([Regression] [aarch64] HTTP Boot not working on old vCPU without virtio-rng device present [rhel-9.6])
2024-11-11 02:08:05 -05:00
Miroslav Rezanina
84fb1d85ec
* Wed Nov 06 2024 Miroslav Rezanina <mrezanin@redhat.com> - 20240524-8
...
- edk2-OvmfPkg-Add-a-Fallback-RNG-RH-only.patch [RHEL-65725]
- Resolves: RHEL-65725
([Regression] HTTP Boot not working on old vCPU without virtio-rng device present [rhel-9.6])
2024-11-06 05:39:54 -05:00
Miroslav Rezanina
0974b1a5cf
* Tue Oct 08 2024 Miroslav Rezanina <mrezanin@redhat.com> - 20240524-7
...
- edk2-OvmfPkg-VirtioGpuDxe-ignore-display-resolutions-smal.patch [RHEL-56248]
- edk2-OvmfPkg-QemuVideoDxe-ignore-display-resolutions-smal.patch [RHEL-56248]
- edk2-MdePkg-Fix-overflow-issue-in-BasePeCoffLib.patch [RHEL-60833]
- Resolves: RHEL-56248
(507x510 display resolution should not crash the firmware [edk2,rhel-9.6])
- Resolves: RHEL-60833
(CVE-2024-38796 edk2: Integer overflows in PeCoffLoaderRelocateImage [rhel-9.6])
2024-10-08 05:51:16 -04:00
Miroslav Rezanina
feee90bea6
* Fri Sep 13 2024 Miroslav Rezanina <mrezanin@redhat.com> - 20240524-6
...
- edk2-OvmfPkg-CpuHotplugSmm-delay-SMM-exit.patch [RHEL-56974]
- edk2-Bumped-openssl-submodule-version-to-0205b5898872.patch [RHEL-55336]
- Resolves: RHEL-56974
(qemu-kvm: warning: Blocked re-entrant IO on MemoryRegion: acpi-cpu-hotplug at addr: 0x0 [rhel-9])
- Resolves: RHEL-55336
(CVE-2024-6119 edk2/openssl: Possible denial of service in X.509 name checks [rhel-9.5])
2024-09-13 02:27:52 -04:00
Miroslav Rezanina
413cc0f1fe
* Mon Sep 09 2024 Miroslav Rezanina <mrezanin@redhat.com> - 20240524-5
...
- edk2-UefiCpuPkg-PiSmmCpuDxeSmm-skip-PatchInstructionX86-c.patch [RHEL-45847]
- Resolves: RHEL-45847
([RHEL9.5] Hotplug vcpu to a guest cause guest kernel panic)
2024-09-09 02:15:34 -04:00
Miroslav Rezanina
c96825e6f4
* Mon Sep 02 2024 Miroslav Rezanina <mrezanin@redhat.com> - 20240524-4
...
- edk2-AmdSevDxe-Fix-the-shim-fallback-reboot-workaround-fo.patch [RHEL-56081]
- Resolves: RHEL-56081
([EDK2] Shim fallback reboot workaround might not work on SNP)
2024-09-02 06:58:25 -04:00
Miroslav Rezanina
57946d1d09
* Tue Aug 20 2024 Miroslav Rezanina <mrezanin@redhat.com> - 20240524-3
...
- edk2-NetworkPkg-DxeNetLib-adjust-PseudoRandom-error-loggi.patch [RHEL-45899]
- edk2-NetworkPkg-DxeNetLib-Reword-PseudoRandom-error-loggi.patch [RHEL-45899]
- Resolves: RHEL-45899
([RHEL-9.5.0] edk2 hit Failed to generate random data)
2024-08-20 03:31:32 -04:00
Miroslav Rezanina
167973f5cc
* Thu Jul 25 2024 Miroslav Rezanina <mrezanin@redhat.com> - 20240524-2
...
- edk2-MdeModulePkg-Warn-if-out-of-flash-space-when-writing.patch [RHEL-43442]
- Resolves: RHEL-43442
(edk2 disconnects abnormally before loading the kernel)
2024-07-25 02:39:00 -04:00
Miroslav Rezanina
5872fb18b4
* Thu Jun 20 2024 Miroslav Rezanina <mrezanin@redhat.com> - 20240524-1
...
- Rebase to edk2-stable202405
- Bumo openssl to 8e5beb77088b
- Resolves: RHEL-32486
(rebase to edk2-stable202405 [rhel-9])
- Resolves: RHEL-36446
(edk2: enable MOR [rhel-9])
- Resolves: RHEL-21653
(CVE-2023-6237 edk2: openssl: Excessive time spent checking invalid RSA public keys [rhel-9])
- Resolves: RHEL-21150
(CVE-2023-6129 edk2: mysql: openssl: POLY1305 MAC implementation corrupts vector registers on PowerPC)
- Resolves: RHEL-22490
(CVE-2024-0727 edk2: openssl: denial of service via null dereference [rhel-9])
2024-06-20 04:31:02 -04:00
Miroslav Rezanina
ee6707224d
* Mon Apr 08 2024 Miroslav Rezanina <mrezanin@redhat.com> - 20240214-2
...
- edk2-OvmfPkg-PlatformPei-log-a-warning-when-memory-is-tig.patch [RHEL-22202]
- edk2-OvmfPkg-PlatformPei-consider-AP-stacks-for-pei-memor.patch [RHEL-22202]
- edk2-OvmfPkg-PlatformPei-rewrite-page-table-calculation.patch [RHEL-22202]
- edk2-OvmfPkg-PlatformPei-log-pei-memory-cap-details.patch [RHEL-22202]
- edk2-UefiCpuPkg-MpInitLib-Add-support-for-multiple-HOBs-t.patch [RHEL-22202]
- edk2-UefiCpuPkg-MpInitLib-Add-support-for-multiple-HOBs-t.p2.patch [RHEL-22202]
- edk2-UefiCpuPkg-MpInitLib-Add-support-for-multiple-HOBs-t.p3.patch [RHEL-22202]
- edk2-UefiCpuPkg-MpInitLib-Add-support-for-multiple-HOBs-t.p4.patch [RHEL-22202]
- edk2-UefiCpuPkg-MpInitLib-Add-support-for-multiple-HOBs-t.p5.patch [RHEL-22202]
- edk2-UefiCpuPkg-MpInitLib-return-early-in-GetBspNumber.patch [RHEL-22202]
- Resolves: RHEL-22202
([EDK2] Support booting with 4096 vcpus)
2024-04-08 04:13:12 -04:00
Miroslav Rezanina
9c8fc7cb9a
* Tue Feb 27 2024 Gerd Hoffmann <kraxel@redhat.com> - 20240214-1
...
- Rebase to edk2-stable202302
- Resolves: RHEL-26879
2024-03-12 03:32:40 -04:00
Miroslav Rezanina
9ab668cc6b
* Thu Feb 22 2024 Miroslav Rezanina <mrezanin@redhat.com> - 20231122-6
...
- edk2-NetworkPkg-Dhcp6Dxe-SECURITY-PATCH-CVE-2023-45230-Pa.patch [RHEL-21841 RHEL-21843 RHEL-21845 RHEL-21847 RHEL-21849 RHEL-21851 RHEL-21853]
- edk2-NetworkPkg-Add-Unit-tests-to-CI-and-create-Host-Test.patch [RHEL-21841 RHEL-21843 RHEL-21845 RHEL-21847 RHEL-21849 RHEL-21851 RHEL-21853]
- edk2-NetworkPkg-Dhcp6Dxe-SECURITY-PATCH-CVE-2023-45230-Un.patch [RHEL-21841 RHEL-21843 RHEL-21845 RHEL-21847 RHEL-21849 RHEL-21851 RHEL-21853]
- edk2-NetworkPkg-Dhcp6Dxe-SECURITY-PATCH-CVE-2023-45229-Pa.patch [RHEL-21841 RHEL-21843 RHEL-21845 RHEL-21847 RHEL-21849 RHEL-21851 RHEL-21853]
- edk2-NetworkPkg-Dhcp6Dxe-SECURITY-PATCH-CVE-2023-45229-Un.patch [RHEL-21841 RHEL-21843 RHEL-21845 RHEL-21847 RHEL-21849 RHEL-21851 RHEL-21853]
- edk2-NetworkPkg-Ip6Dxe-SECURITY-PATCH-CVE-2023-45231-Patc.patch [RHEL-21841 RHEL-21843 RHEL-21845 RHEL-21847 RHEL-21849 RHEL-21851 RHEL-21853]
- edk2-NetworkPkg-Ip6Dxe-SECURITY-PATCH-CVE-2023-45231-Unit.patch [RHEL-21841 RHEL-21843 RHEL-21845 RHEL-21847 RHEL-21849 RHEL-21851 RHEL-21853]
- edk2-NetworkPkg-Ip6Dxe-SECURITY-PATCH-CVE-2023-45232-Patc.patch [RHEL-21841 RHEL-21843 RHEL-21845 RHEL-21847 RHEL-21849 RHEL-21851 RHEL-21853]
- edk2-NetworkPkg-Ip6Dxe-SECURITY-PATCH-CVE-2023-45232-Unit.patch [RHEL-21841 RHEL-21843 RHEL-21845 RHEL-21847 RHEL-21849 RHEL-21851 RHEL-21853]
- edk2-NetworkPkg-UefiPxeBcDxe-SECURITY-PATCH-CVE-2023-4523.patch [RHEL-21841 RHEL-21843 RHEL-21845 RHEL-21847 RHEL-21849 RHEL-21851 RHEL-21853]
- edk2-NetworkPkg-UefiPxeBcDxe-SECURITY-PATCH-CVE-2023-4523p2.patch [RHEL-21841 RHEL-21843 RHEL-21845 RHEL-21847 RHEL-21849 RHEL-21851 RHEL-21853]
- edk2-NetworkPkg-UefiPxeBcDxe-SECURITY-PATCH-CVE-2023-4523p3.patch [RHEL-21841 RHEL-21843 RHEL-21845 RHEL-21847 RHEL-21849 RHEL-21851 RHEL-21853]
- edk2-NetworkPkg-UefiPxeBcDxe-SECURITY-PATCH-CVE-2023-4523p4.patch [RHEL-21841 RHEL-21843 RHEL-21845 RHEL-21847 RHEL-21849 RHEL-21851 RHEL-21853]
- edk2-NetworkPkg-Adds-a-SecurityFix.yaml-file.patch [RHEL-21841 RHEL-21843 RHEL-21845 RHEL-21847 RHEL-21849 RHEL-21851 RHEL-21853]
- edk2-NetworkPkg-Dhcp6Dxe-SECURITY-PATCH-CVE-2023-45229-Re.patch [RHEL-21841 RHEL-21843 RHEL-21845 RHEL-21847 RHEL-21849 RHEL-21851 RHEL-21853]
- edk2-NetworkPkg-Dhcp6Dxe-Removes-duplicate-check-and-repl.patch [RHEL-21841 RHEL-21843 RHEL-21845 RHEL-21847 RHEL-21849 RHEL-21851 RHEL-21853]
- edk2-NetworkPkg-Dhcp6Dxe-Packet-Length-is-not-updated-bef.patch [RHEL-21841 RHEL-21843 RHEL-21845 RHEL-21847 RHEL-21849 RHEL-21851 RHEL-21853]
- edk2-NetworkPkg-Updating-SecurityFixes.yaml.patch [RHEL-21841 RHEL-21843 RHEL-21845 RHEL-21847 RHEL-21849 RHEL-21851 RHEL-21853]
- Resolves: RHEL-21841
(CVE-2023-45229 edk2: Integer underflow when processing IA_NA/IA_TA options in a DHCPv6 Advertise message [rhel-9])
- Resolves: RHEL-21843
(CVE-2023-45230 edk2: Buffer overflow in the DHCPv6 client via a long Server ID option [rhel-9])
- Resolves: RHEL-21845
(CVE-2023-45231 edk2: Out of Bounds read when handling a ND Redirect message with truncated options [rhel-9])
- Resolves: RHEL-21847
(CVE-2023-45232 edk2: Infinite loop when parsing unknown options in the Destination Options header [rhel-9])
- Resolves: RHEL-21849
(TRIAGE CVE-2023-45233 edk2: Infinite loop when parsing a PadN option in the Destination Options header [rhel-9])
- Resolves: RHEL-21851
(CVE-2023-45234 edk2: Buffer overflow when processing DNS Servers option in a DHCPv6 Advertise message [rhel-9])
- Resolves: RHEL-21853
(TRIAGE CVE-2023-45235 edk2: Buffer overflow when handling Server ID option from a DHCPv6 proxy Advertise message [rhel-9])
2024-02-22 03:50:39 -05:00
Miroslav Rezanina
8ae7c916be
* Mon Feb 19 2024 Miroslav Rezanina <mrezanin@redhat.com> - 20231122-5
...
- edk2-SecurityPkg-DxeTpm2MeasureBootLib-SECURITY-PATCH-4118.patch [RHEL-21157]
- edk2-SecurityPkg-DxeTpmMeasureBootLib-SECURITY-PATCH-4118.patch [RHEL-21157]
- edk2-SecurityPkg-DxeTpm2MeasureBootLib-SECURITY-PATCH-411-2.patch [RHEL-21157]
- edk2-SecurityPkg-DxeTpmMeasureBootLib-SECURITY-PATCH-411-3.patch [RHEL-21157]
- edk2-SecurityPkg-Updating-SecurityFixes.yaml-after-symbol.patch [RHEL-21157]
- edk2-OvmfPkg-Sec-Setup-MTRR-early-in-the-boot-process.patch [RHEL-21704]
- edk2-MdePkg-ArchitecturalMsr.h-add-defines-for-MTRR-cache.patch [RHEL-21704]
- edk2-UefiCpuPkg-MtrrLib.h-use-cache-type-defines-from-Arc.patch [RHEL-21704]
- edk2-OvmfPkg-Sec-use-cache-type-defines-from-Architectura.patch [RHEL-21704]
- Resolves: RHEL-21157
(CVE-2022-36764 edk2: heap buffer overflow in Tcg2MeasurePeImage() [rhel-9])
- Resolves: RHEL-21704
(vGPU VM take several minutes to show tianocore logo if firmware is ovmf)
2024-02-19 05:57:22 -05:00
Miroslav Rezanina
7b278993d0
* Wed Jan 31 2024 Miroslav Rezanina <mrezanin@redhat.com> - 20231122-4
...
- edk2-OvmfPkg-VirtNorFlashDxe-add-casts-to-UINTN-and-UINT3.patch [RHEL-20963]
- edk2-OvmfPkg-VirtNorFlashDxe-clarify-block-write-logic-fi.patch [RHEL-20963]
- edk2-OvmfPkg-VirtNorFlashDxe-add-a-loop-for-NorFlashWrite.patch [RHEL-20963]
- edk2-OvmfPkg-VirtNorFlashDxe-allow-larger-writes-without-.patch [RHEL-20963]
- edk2-OvmfPkg-VirtNorFlashDxe-ValidateFvHeader-unwritten-s.patch [RHEL-20963]
- edk2-OvmfPkg-VirtNorFlashDxe-move-DoErase-code-block-into.patch [RHEL-20963]
- Resolves: RHEL-20963
([rhel9] guest fails to boot due to ASSERT error)
2024-01-31 04:45:05 -05:00
Miroslav Rezanina
f08230dd4f
* Mon Jan 22 2024 Miroslav Rezanina <mrezanin@redhat.com> - 20231122-3
...
- edk2-SecurityPkg-DxeTpm2MeasureBootLib-SECURITY-PATCH-411.patch [RHEL-21155]
- edk2-SecurityPkg-DxeTpmMeasureBootLib-SECURITY-PATCH-4117.patch [RHEL-21155]
- edk2-SecurityPkg-Adding-CVE-2022-36763-to-SecurityFixes.y.patch [RHEL-21155]
- Resolves: RHEL-21155
(CVE-2022-36763 edk2: heap buffer overflow in Tcg2MeasureGptTable() [rhel-9])
2024-01-22 07:28:42 -05:00
Miroslav Rezanina
fc7a119df2
* Mon Jan 15 2024 Miroslav Rezanina <mrezanin@redhat.com> - 20231122-2
...
- edk2-OvmfPkg-RiscVVirt-use-gEfiAuthenticatedVariableGuid-.patch [RHEL-20963]
- edk2-OvmfPkg-VirtNorFlashDxe-stop-accepting-gEfiVariableG.patch [RHEL-20963]
- edk2-OvmfPkg-VirtNorFlashDxe-sanity-check-variables.patch [RHEL-20963]
- Resolves: RHEL-20963
([rhel9] guest fails to boot due to ASSERT error)
2024-01-15 08:56:12 -05:00
Miroslav Rezanina
301cae1641
* Fri Dec 15 2023 Miroslav Rezanina <mrezanin@redhat.com> - 20231122-1
...
- Rebase to edk2-stable202311 [RHEL-12323]
- Switch to OpenSSL 3.0 [RHEL-49]
- Resolves: RHEL-12323
(Rebase EDK2 for RHEL 9.4)
- Resolves: RHEL-49
(consume / bundle RHEL-9 OpenSSL (version 3.0.x) in RHEL-9 edk2)
2023-12-15 03:37:46 -05:00
Miroslav Rezanina
cc7bc51783
* Mon Oct 09 2023 Miroslav Rezanina <mrezanin@redhat.com> - 20230524-4
...
- edk2-OvmfPkg-ResetVector-Fix-assembler-bit-test-flag-chec.patch [RHEL-9943]
- Resolves: RHEL-9943
([EDK2][AMDSERVER Bug] OvmfPkg/ResetVector: Fix assembler bit test flag check [rhel-9.3.0.z])
2023-10-09 06:55:46 -04:00
Miroslav Rezanina
86c3fb820c
* Thu Aug 24 2023 Miroslav Rezanina <mrezanin@redhat.com> - 20230524-3
...
- edk2-OvmfPkg-AmdSev-fix-BdsPlatform.c-assertion-failure-d.patch [bz#2190244]
- edk2-OvmfPkg-IoMmuDxe-add-locking-to-IoMmuAllocateBounceB.patch [bz#2211060]
- edk2-OvmfPkg-AmdSevDxe-Shim-Reboot-workaround-RHEL-only.patch [bz#2218196]
- Resolves: bz#2190244
([EDK2] [AMDSERVER 9.3 Bug] OVMF AP Creation Fixes)
- Resolves: bz#2211060
(SEV-es guest randomly stuck at boot to hard drive screen from powerdown and boot again)
- Resolves: bz#2218196
(Add vtpm devices with OVMF.amdsev.fd causes VM reset)
2023-08-24 04:43:25 -04:00
Miroslav Rezanina
32696fd8dd
* Mon Jul 10 2023 Miroslav Rezanina <mrezanin@redhat.com> - 20230524-2
...
- edk2-ArmVirt-add-VirtioSerialDxe-to-ArmVirtQemu-builds.patch [RHEL-643]
- edk2-ArmVirt-PlatformBootManagerLib-factor-out-IsVirtio.patch [RHEL-643]
- edk2-ArmVirt-PlatformBootManagerLib-factor-out-IsVirtioPc.patch [RHEL-643]
- edk2-ArmVirt-PlatformBootManagerLib-set-up-virtio-serial-.patch [RHEL-643]
- edk2-OvmfPkg-VirtioSerialDxe-use-TPL_NOTIFY.patch [RHEL-643]
- edk2-OvmfPkg-VirtioSerialDxe-Remove-noisy-debug-print-on-.patch [RHEL-643]
- edk2-OvmfPkg-PlatformInitLib-limit-phys-bits-to-46.patch [bz#2174749]
- edk2-Revert-OvmfPkg-disable-dynamic-mmio-window-rhel-only.patch [bz#2174749]
- edk2-UefiCpuPkg-MpInitLib-fix-apic-mode-for-cpu-hotplug.patch [bz#2124143]
- edk2-OvmfPkg-PlatformInitLib-check-PcdUse1GPageTable.patch [RHEL-644]
- edk2-OvmfPkg-OvmfPkgIa32X64-enable-1G-pages.patch [RHEL-644]
- edk2-OvmfPkg-MicrovmX64-enable-1G-pages.patch [RHEL-644]
- Resolves: RHEL-643
(add virtio serial support to armvirt)
- Resolves: bz#2174749
([edk2] re-enable dynamic mmio window)
- Resolves: bz#2124143
(ovmf must consider max cpu count not boot cpu count for apic mode [rhel-9])
- Resolves: RHEL-644
(enable gigabyte pages)
2023-07-10 04:07:22 -04:00
Miroslav Rezanina
f6a4f10ae6
* Tue Jun 27 2023 Oliver Steffen <osteffen@redhat.com> - 20230524-1
...
- Rebase to edk2-stable202305 tag [RHEL-585]
- Resolves: RHEL-585
([rhel-9.3] rebase EDK2 to edk2-stable202305)
- Resolves: bz#2203094
(Add more than 17 pcie-root-ports, display Out Of Resource)
- Resolves: bz#2055123
([Q35] Failed to hot-plug a device whose membar > 2M into the vm)
2023-06-27 09:54:49 -04:00
Miroslav Rezanina
06d527f3f0
* Mon May 22 2023 Miroslav Rezanina <mrezanin@redhat.com> - 20230301gitf80f052277c8-5
...
- edk2-dbx-update-2023-05-09-black-lotus-edition.patch [RHEL-470]
- edk2-json-descriptors-explicitly-set-mode-split.patch [RHEL-469]
- Resolves: RHEL-470
(edk2: update variable store with latest dbx updates (may 9, black lotus edition))
- Resolves: RHEL-469
(explicitly set mode = split in firmware json description files)
2023-05-22 03:53:12 -04:00
Miroslav Rezanina
f53835584a
* Tue May 16 2023 Miroslav Rezanina <mrezanin@redhat.com> - 20230301gitf80f052277c8-4
...
- edk2-OvmfPkg-Clarify-invariants-for-NestedInterruptTplLib.patch [bz#2189136]
- edk2-OvmfPkg-Relax-assertion-that-interrupts-do-not-occur.patch [bz#2189136]
- Resolves: bz#2189136
(windows 11 installation broken with edk2-20230301gitf80f052277c8-1.el9)
2023-05-16 02:23:24 -04:00
Miroslav Rezanina
a19f633550
* Mon May 08 2023 Miroslav Rezanina <mrezanin@redhat.com> - 20230301gitf80f052277c8-3
...
- edk2-add-aarch64-qcow2-images.patch [bz#2186754]
- edk2-update-json-files.patch [bz#2186754]
- edk2-add-libvirt-version-conflict.patch [bz#2186754]
- edk2-add-dbx-update-blob-rh-only.patch [RHEL-377]
- edk2-spec-apply-dbx-update-rh-only.patch [RHEL-377]
- Resolves: bz#2186754
(edk2: Add firmware images in qcow2 format)
- Resolves: RHEL-377
(edk2: ship secure build variable store with latest dbx updates)
2023-05-08 08:31:21 -04:00
Miroslav Rezanina
ae1eff6bab
* Wed Apr 05 2023 Miroslav Rezanina <mrezanin@redhat.com> - 20230301gitf80f052277c8-2
...
- edk2-build-script-update.patch [bz#2183230]
- edk2-PcdDxeNxMemoryProtectionPolicy-update.patch [bz#2183230]
- Resolves: bz#2183230
([edk2] Instruction abort exception when booting a VM)
2023-04-05 03:02:34 -04:00
Miroslav Rezanina
9fddb846e8
* Wed Mar 22 2023 Miroslav Rezanina <mrezanin@redaht.com> - 20230301gitf80f052277c8-1
...
- Rebase to edk2-stable202302 [RHEL-266]
Resolves: RHEL-266
(rebase edk2 to 2023-02 stable tag)
2023-03-22 04:33:31 -04:00
Miroslav Rezanina
eca9dc6513
* Fri Mar 17 2023 Miroslav Rezanina <mrezanin@redhat.com> - 20221207gitfff6d81270b5-9
...
- edk2-remove-amd-sev-feature-flag-from-secure-boot-builds-.patch [bz#2169247]
- Resolves: bz#2169247
([edk2] Install a sev guest with enrolled secure boot failed)
2023-03-17 03:50:50 -04:00
Miroslav Rezanina
fec2a1f6c0
* Fri Mar 10 2023 Miroslav Rezanina <mrezanin@redhat.com> - 20221207gitfff6d81270b5-8
...
- edk2-OvmfPkg-disable-dynamic-mmio-window-rhel-only.patch [bz#2174605]
- Resolves: bz#2174605
([EDK2] disable dynamic mmio window)
2023-03-10 02:33:10 -05:00
Miroslav Rezanina
b95abfbaea
* Tue Feb 21 2023 Miroslav Rezanina <mrezanin@redhat.com> - 20221207gitfff6d81270b5-7
...
- edk2-Revert-MdeModulePkg-TerminalDxe-add-other-text-resol.patch [bz#2162307]
- Resolves: bz#2162307
(Broken GRUB output on a serial console)
2023-02-21 00:24:30 -05:00
Miroslav Rezanina
61318a0867
* Mon Feb 13 2023 Miroslav Rezanina <mrezanin@redhat.com> - 20221207gitfff6d81270b5-6
...
- edk2-update-build-script-rhel-only.patch [bz#2168046]
- edk2-update-build-config-rhel-only.patch [bz#2168046]
- edk2-add-release-date-to-builds-rh-only.patch [bz#2168046]
- edk2-openssl-update.patch [bz#2164534 bz#2164550 bz#2164565 bz#2164583]
- edk2-rh-openssl-add-crypto-bn-rsa_sup_mul.c-to-file-list.patch [bz#2164534 bz#2164550 bz#2164565 bz#2164583]
- Resolves: bz#2168046
([SVVP] job 'Check SMBIOS Table Specific Requirements' failed on win2022)
- Resolves: bz#2164534
(CVE-2023-0286 edk2: openssl: X.400 address type confusion in X.509 GeneralName [rhel-9])
- Resolves: bz#2164550
(CVE-2022-4304 edk2: openssl: timing attack in RSA Decryption implementation [rhel-9])
- Resolves: bz#2164565
(CVE-2023-0215 edk2: openssl: use-after-free following BIO_new_NDEF [rhel-9])
- Resolves: bz#2164583
(CVE-2022-4450 edk2: openssl: double free after calling PEM_read_bio_ex [rhel-9])
2023-02-13 02:40:34 -05:00
Miroslav Rezanina
410d8c40be
* Mon Feb 06 2023 Miroslav Rezanina <mrezanin@redhat.com> - 20221207gitfff6d81270b5-5
...
- edk2-Revert-ArmVirtPkg-ArmVirtQemu-enable-initial-ID-map-.patch [bz#2157656]
- Resolves: bz#2157656
([edk2] [aarch64] Unable to initialize EFI firmware when using edk2-aarch64-20221207gitfff6d81270b5-1.el9 in some hardwares)
2023-02-06 02:27:22 -05:00
Miroslav Rezanina
29d2cbe159
* Wed Jan 18 2023 Miroslav Rezanina <mrezanin@redhat.com> - 20221207gitfff6d81270b5-4
...
- edk2-ArmVirt-don-t-use-unaligned-CopyMem-on-NOR-flash.patch [bz#2158173]
- Resolves: bz#2158173
([aarch64][numa] Failed to create 2 numa nodes in some hardwares)
2023-01-18 02:12:37 -05:00
Miroslav Rezanina
867bc965bc
* Mon Jan 16 2023 Miroslav Rezanina <mrezanin@redhat.com> - 20221207gitfff6d81270b5-3
...
- edk2-OvmfPkg-VirtNorFlashDxe-map-flash-memory-as-uncachea.patch [bz#2158173]
- edk2-MdePkg-Remove-Itanium-leftover-data-structure-RH-onl.patch [bz#1983086]
- Resolves: bz#2158173
([aarch64][numa] Failed to create 2 numa nodes in some hardwares)
- Resolves: bz#1983086
(Assertion failure when creating 1024 VCPU VM: [...]UefiCpuPkg/CpuMpPei/CpuBist.c(186): !EFI_ERROR (Status))
2023-01-16 10:47:12 -05:00
Miroslav Rezanina
a5af0fc49b
* Thu Jan 05 2023 Miroslav Rezanina <mrezanin@redhat.com> - 20221207gitfff6d81270b5-2
...
- edk2-use-rpm-build-flags-rh-only.patch [RHEL-177]
- Resolves: RHEL-177
(Enable GNU_RELRO security protection)
2023-01-05 05:10:59 -05:00
Camilla Conte
0bde85a20e
* Thu Dec 15 2022 Camilla Conte <cconte@redhat.com> - 20221207gitfff6d81270b5-1
...
- Rebase to edk2-stable202211 tag
Resolves: RHEL-119
(rebase edk2 to edk2-stable202211)
- Resolves: RHEL-75
(edk2 builds should show the build version)
- Resolves: bz#2132951
(edk2: Sort traditional virtualization builds before Confidential Computing builds)
2022-12-15 12:45:35 +00:00
Miroslav Rezanina
e874001a1f
* Mon Nov 21 2022 Miroslav Rezanina <mrezanin@redhat.com> - 20220826gitba0e0e4c6a-2
...
- edk2-MdeModulePkg-PiSmmCore-SmmEntryPoint-underflow-CVE-2.patch [bz#1989857]
- Resolves: bz#1989857
(CVE-2021-38578 edk2: integer underflow in SmmEntryPoint function leads to potential SMM privilege escalation [rhel-9.0])
2022-11-21 03:08:22 -05:00
Miroslav Rezanina
168857ed85
* Tue Oct 11 2022 Miroslav Rezanina <mrezanin@redhat.com> - 0220826gitba0e0e4c6a-1
...
- Rebase to edk2-stable202208 tag [RHELX-59]
Resolves: RHELX-59
(rebase edk2 to 2022-08 stable tag)
2022-10-11 07:44:28 -04:00
Miroslav Rezanina
cf6de6db69
* Fri Sep 16 2022 Miroslav Rezanina <mrezanin@redhat.com> - 20220526git16779ede2d36-4
...
- edk2-OvmfPkg-QemuVideoDxe-fix-bochs-mode-init.patch [RHELX-58]
- Resolves: RHELX-58
(Guest console turns black with uefi rhel guests and stdvga)
2022-09-16 03:10:55 -04:00
Miroslav Rezanina
48d88437af
* Mon Aug 01 2022 Miroslav Rezanina <mrezanin@redhat.com> - 20220526git16779ede2d36-3
...
- edk2-openssl-jump-to-8.7.0-branch-2022-07-22.patch [bz#2074843]
- edk2-ovmf-vars-generator-Use-max-cpu.patch [bz#2111567]
- Resolves: bz#2074843
(edk2: sync openssl sources with rhel openssl rpm)
- Resolves: bz#2111567
(EDK2 build stuck with qemu-kvm-7.0.0-8.el9 or newer)
2022-08-01 05:21:30 -04:00
Miroslav Rezanina
3672756645
* Fri Jun 24 2022 Miroslav Rezanina <mrezanin@redhat.com> - 20220526git16779ede2d36-2
...
- edk2-OvmfPkg-Update-target-machines-config.patch [bz#2090752]
- Resolves: bz#2090752
(Add RHEL 8.5, 8,6 and 9.x machine types to firmware descriptor files 50-edk2-ovmf-{amdsev,cc}.json)
2022-06-24 02:32:04 -04:00
Miroslav Rezanina
d55cbecee7
* Mon Jun 13 2022 Miroslav Rezanina <mrezanin@redhat.com> - 20220526git16779ede2d36-1
...
- Rebase to edk2-stable-202205 [bz#2074831]
- Resolves: bz#2074831
(rebase edk2 to May 2022 release (edk2-stable202205))
2022-06-13 07:24:44 -04:00
Miroslav Rezanina
f9a9b2c169
* Thu May 26 2022 Miroslav Rezanina <mrezanin@redhat.com> - 20220221gitb24306f15d-2
...
- edk2-Revert-ArmVirtPkg-Remove-QemuRamfbDxe-display-device.patch [bz#2087220]
- edk2-Revert-OvmfPkg-Remove-QemuRamfbDxe-display-device-dr.patch [bz#2087220]
- Resolves: bz#2087220
(VNC display show "Guest has not initialized the display" when using ramfb + ovmf)
2022-05-26 02:05:14 -04:00
Miroslav Rezanina
e01dae6d7a
* Thu Mar 31 2022 Miroslav Rezanina <mrezanin@redhat.com> - 20220221gitb24306f15d-1
...
- Rebae to edk-stable-202202 [bz#2056910]
- Resolves: bz#2056910
([rebase] update edk2 to feb '22 release (edk2-stable202202xx))
2022-04-04 07:25:44 -04:00
Miroslav Rezanina
9de3902dce
* Thu Mar 31 2022 Miroslav Rezanina <mrezanin@redhat.com> - 202202gitb24306f15d-1
...
- Rebae to edk-stable-202202 [bz#2056910]
- Resolves: bz#2056910
([rebase] update edk2 to feb '22 release (edk2-stable202202xx))
2022-03-31 02:01:35 -04:00
Miroslav Rezanina
0021d9fbe5
* Wed Mar 23 2022 Miroslav Rezanina <mrezanin@redhat.com> - 20220126gitbb1bba3d77-4
...
- edk2-Revert-OvmfPkg-Remove-NvmExpressDxe-device-driver-RH.patch [bz#2044196]
- edk2-Revert-ArmVirtPkg-Remove-NvmExpressDxe-device-driver.patch [bz#2044196]
- Resolves: bz#2044196
(RFE: [nvme-vfio] The virt-install interface throws info "Failed to set new efi boot target" when install a vm on a hostdev nvme disk)
2022-03-23 04:09:29 -04:00
Miroslav Rezanina
16c9a4257a
* Wed Feb 23 2022 Miroslav Rezanina <mrezanin@redhat.com> - 20220126gitbb1bba3d77-3
...
- edk2-spec-build-amdsev-variant.patch [bz#2054661]
- edk2-OvmfPkg-AmdSev-SecretPei-Mark-SEV-launch-secret-area.patch [bz#2041755]
- Resolves: bz#2054661
(RFE: Support measured AMD SEV boot with kernel/initrd/cmdline in OVMF)
- Resolves: bz#2041755
(Mark SEV launch secret area as reserved)
2022-02-23 04:27:20 -05:00
Miroslav Rezanina
088600e053
* Tue Feb 08 2022 Miroslav Rezanina <mrezanin@redhat.com> - 20220126gitbb1bba3d77-2
...
- edk2-OvmfPkg-remove-unused-TPM-options-from-MicrovmX64.ds.patch [bz#1935497]
- edk2-OvmfPkg-move-tcg-configuration-to-dsc-and-fdf-includ.patch [bz#1935497]
- edk2-OvmfPkg-drop-TPM_CONFIG_ENABLE.patch [bz#1935497]
- edk2-OvmfPkg-create-Tcg12ConfigPei.inf.patch [bz#1935497]
- edk2-OvmfPkg-rework-TPM-configuration.patch [bz#1935497]
- edk2-spec-adapt-specfile-to-build-option-changes-disable-.patch [bz#1935497]
- Resolves: bz#1935497
(edk2 implements and/or uses the deprecated MD5 and SHA-1 algorithms by default)
2022-02-08 07:17:57 -05:00
Miroslav Rezanina
4dd210a593
Add README file
...
- Resolves: bz#2018388
2022-02-03 03:48:45 -05:00