diff options
| author | Doug Flick <dougflick@microsoft.com> | 2024-01-17 14:47:22 -0800 |
|---|---|---|
| committer | mergify[bot] <37929162+mergify[bot]@users.noreply.github.com> | 2024-01-18 19:25:14 +0000 |
| commit | 264636d8e6983e0f6dc6be2fca9d84ec81315954 (patch) | |
| tree | 8b7be978de1ea3d767a2969e0a67e8fd06783efa | |
| parent | 326db0c9072004dea89427ea3a44393a84966f2b (diff) | |
| download | edk2-264636d8e6983e0f6dc6be2fca9d84ec81315954.tar.gz | |
SecurityPkg: : Updating SecurityFixes.yaml after symbol rename
Adding the new commit titles for the symbol renames
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Rahul Kumar <rahul1.kumar@intel.com>
Signed-off-by: Doug Flick [MSFT] <doug.edk2@gmail.com>
Message-Id: <5e0e851e97459e183420178888d4fcdadc2f1ae1.1705529990.git.doug.edk2@gmail.com>
Reviewed-by: Jiewen Yao <Jiewen.yao@intel.com>
| -rw-r--r-- | SecurityPkg/SecurityFixes.yaml | 28 |
1 files changed, 17 insertions, 11 deletions
diff --git a/SecurityPkg/SecurityFixes.yaml b/SecurityPkg/SecurityFixes.yaml index 833fb827a9..b4006b42b8 100644 --- a/SecurityPkg/SecurityFixes.yaml +++ b/SecurityPkg/SecurityFixes.yaml @@ -9,28 +9,34 @@ CVE_2022_36763: - "SecurityPkg: DxeTpm2Measurement: SECURITY PATCH 4117 - CVE 2022-36763"
- "SecurityPkg: DxeTpmMeasurement: SECURITY PATCH 4117 - CVE 2022-36763"
- "SecurityPkg: : Adding CVE 2022-36763 to SecurityFixes.yaml"
+ - "SecurityPkg: DxeTpm2MeasureBootLib: SECURITY PATCH 4117/4118 symbol rename"
+ - "SecurityPkg: DxeTpmMeasureBootLib: SECURITY PATCH 4117/4118 symbol rename"
+ - "SecurityPkg: : Updating SecurityFixes.yaml after symbol rename"
cve: CVE-2022-36763
date_reported: 2022-10-25 11:31 UTC
description: (CVE-2022-36763) - Heap Buffer Overflow in Tcg2MeasureGptTable()
note: This patch is related to and supersedes TCBZ2168
files_impacted:
- - Library\DxeTpm2MeasureBootLib\DxeTpm2MeasureBootLib.c
- - Library\DxeTpmMeasureBootLib\DxeTpmMeasureBootLib.c
+ - Library\DxeTpm2MeasureBootLib\DxeTpm2MeasureBootLib.c
+ - Library\DxeTpmMeasureBootLib\DxeTpmMeasureBootLib.c
links:
- - https://bugzilla.tianocore.org/show_bug.cgi?id=4117
- - https://bugzilla.tianocore.org/show_bug.cgi?id=2168
- - https://bugzilla.tianocore.org/show_bug.cgi?id=1990
+ - https://bugzilla.tianocore.org/show_bug.cgi?id=4117
+ - https://bugzilla.tianocore.org/show_bug.cgi?id=2168
+ - https://bugzilla.tianocore.org/show_bug.cgi?id=1990
CVE_2022_36764:
commit_titles:
- - "SecurityPkg: DxeTpm2MeasureBootLib: SECURITY PATCH 4118 - CVE 2022-36764"
- - "SecurityPkg: DxeTpmMeasureBootLib: SECURITY PATCH 4118 - CVE 2022-36764"
- - "SecurityPkg: : Adding CVE 2022-36764 to SecurityFixes.yaml"
+ - "SecurityPkg: DxeTpm2MeasureBootLib: SECURITY PATCH 4118 - CVE 2022-36764"
+ - "SecurityPkg: DxeTpmMeasureBootLib: SECURITY PATCH 4118 - CVE 2022-36764"
+ - "SecurityPkg: : Adding CVE 2022-36764 to SecurityFixes.yaml"
+ - "SecurityPkg: DxeTpm2MeasureBootLib: SECURITY PATCH 4117/4118 symbol rename"
+ - "SecurityPkg: DxeTpmMeasureBootLib: SECURITY PATCH 4117/4118 symbol rename"
+ - "SecurityPkg: : Updating SecurityFixes.yaml after symbol rename"
cve: CVE-2022-36764
date_reported: 2022-10-25 12:23 UTC
description: Heap Buffer Overflow in Tcg2MeasurePeImage()
note:
files_impacted:
- - Library\DxeTpm2MeasureBootLib\DxeTpm2MeasureBootLib.c
- - Library\DxeTpmMeasureBootLib\DxeTpmMeasureBootLib.c
+ - Library\DxeTpm2MeasureBootLib\DxeTpm2MeasureBootLib.c
+ - Library\DxeTpmMeasureBootLib\DxeTpmMeasureBootLib.c
links:
- - https://bugzilla.tianocore.org/show_bug.cgi?id=4118
+ - https://bugzilla.tianocore.org/show_bug.cgi?id=4118
|