SecurityPkg: Update libspdm

This patch updates libspdm to pull in various bug fixes, but primarily commit ca4854be3325bd8fc7f2c714574d17aac2d4e13b which updates libspdm's MbedTLS submodule to v3.6.2, fixing CVE https://nvd.nist.gov/vuln/detail/CVE-2023-37920 there. This CVE does not affect libspdm or edk2, but automatic CVE scanning tools see the bad version of the certifi pip module in the edk2/libspdm code trees and flag these projects as failing. libspdm has been updated to pull in the newer MbedTLS that fixes this issue and this patch updates edk2 to pull in the newer libspdm. Signed-off-by: Oliver Smith-Denny <osde@linux.microsoft.com>
author: Oliver Smith-Denny <osde@microsoft.com> 2024-11-22 07:46:36 -0800
committer: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com> 2024-11-26 02:15:06 +0000
commit: 7eff71fe690a0f5bc0be67b5b83f263d7892f9b6 (patch)
tree: c22fd00fd17a083f3deecb73970e7683cb40ebe2
parent: c15bd993428ea4f75aae4f885f67903a8f89fae4 (diff)
download: edk2-7eff71fe690a0f5bc0be67b5b83f263d7892f9b6.tar.gz
1 files changed, 0 insertions, 0 deletions
diff --git a/SecurityPkg/DeviceSecurity/SpdmLib/libspdm b/SecurityPkg/DeviceSecurity/SpdmLib/libspdm
-Subproject 50924a4c8145fc721e17208f55814d2b38766fe
+Subproject 98ef964e1e9a0c39c7efb67143d3a13a819432e
author	Oliver Smith-Denny <osde@microsoft.com>	2024-11-22 07:46:36 -0800
committer	mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>	2024-11-26 02:15:06 +0000
commit	7eff71fe690a0f5bc0be67b5b83f263d7892f9b6 (patch)
tree	c22fd00fd17a083f3deecb73970e7683cb40ebe2
parent	c15bd993428ea4f75aae4f885f67903a8f89fae4 (diff)
download	edk2-7eff71fe690a0f5bc0be67b5b83f263d7892f9b6.tar.gz