From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mail.byosoft.com.cn (mail.byosoft.com.cn [58.240.74.242]) by mx.groups.io with SMTP id smtpd.web09.21311.1605850259535769634 for ; Thu, 19 Nov 2020 21:31:01 -0800 Authentication-Results: mx.groups.io; dkim=missing; spf=none, err=permanent DNS error (domain: byosoft.com.cn, ip: 58.240.74.242, mailfrom: gaoliming@byosoft.com.cn) Received: from DESKTOPS6D0PVI ([58.246.60.130]) (envelope-sender ) by 192.168.6.13 with ESMTP for ; Fri, 20 Nov 2020 13:30:54 +0800 X-WM-Sender: gaoliming@byosoft.com.cn X-WM-AuthFlag: YES X-WM-AuthUser: gaoliming@byosoft.com.cn From: "gaoliming" To: , Cc: "'Dandan Bi'" , "'Hao A Wu'" , "'Jian J Wang'" , =?utf-8?Q?'Philippe_Mathieu-Daud=C3=A9'?= References: <20201119105340.16225-1-lersek@redhat.com> In-Reply-To: <20201119105340.16225-1-lersek@redhat.com> Subject: =?UTF-8?B?5Zue5aSNOiBbZWRrMi1kZXZlbF0gW1BBVENIIHYyIFJFU0VORCAwLzJdIHNlY3VyaXR5IGZpeDogdW5saW1pdGVkIEZWIHJlY3Vyc2lvbiwgcm91bmQgMiAoRFhFIENvcmUp?= Date: Fri, 20 Nov 2020 13:30:56 +0800 Message-ID: <017701d6befe$528b9ba0$f7a2d2e0$@byosoft.com.cn> MIME-Version: 1.0 X-Mailer: Microsoft Outlook 16.0 Thread-Index: AQC6Zf7mRWVD5RvZFll4COMysJbEK6wJL7Yg Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Content-Language: zh-cn Laszlo: I am OK to merge this patch and the fix in LzmaUefiDecompressGetInfo for= this stable tag. After you are done, I will update the proposed feature li= st to include them.=20 In BZ, there is no CVE number. So, I want to confirm whether CVE number = is required.=20 Thanks Liming > -----=E9=82=AE=E4=BB=B6=E5=8E=9F=E4=BB=B6----- > =E5=8F=91=E4=BB=B6=E4=BA=BA: bounce+27952+67707+4905953+8761045@groups.i= o > =E4=BB=A3=E8=A1=A8 Laszlo= Ersek > =E5=8F=91=E9=80=81=E6=97=B6=E9=97=B4: 2020=E5=B9=B411=E6=9C=8819=E6=97= =A5 18:54 > =E6=94=B6=E4=BB=B6=E4=BA=BA: edk2-devel-groups-io > =E6=8A=84=E9=80=81: Dandan Bi ; Hao A Wu ; > Jian J Wang ; Liming Gao > ; Philippe Mathieu-Daud=C3=A9 > =E4=B8=BB=E9=A2=98: [edk2-devel] [PATCH v2 RESEND 0/2] security fix: unl= imited FV > recursion, round 2 (DXE Core) >=20 > Repo: https://pagure.io/lersek/edk2.git > Branch: tianocore_1743_v2_resend > Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=3D1743 >=20 > "RESEND" because I'm publicly posting the patches from > . >=20 > The Reviewed-by tags on the patches originate from > and > . >=20 > Retested with Liming's reproducer; see > and > . >=20 > This series targets edk2-stable202011. I plan to merge it later this > week, based on Liming's R-b. >=20 > Liming, highlighting TianoCore#1743 in the "proposed features" list > could be useful. >=20 > Cc: Dandan Bi > Cc: Hao A Wu > Cc: Jian J Wang > Cc: Liming Gao > Cc: Philippe Mathieu-Daud=C3=A9 >=20 > Thanks! > Laszlo >=20 > Laszlo Ersek (2): > MdeModulePkg/Core/Dxe: assert SectionInstance invariant in > FindChildNode() > MdeModulePkg/Core/Dxe: limit FwVol encapsulation section recursion >=20 > MdeModulePkg/MdeModulePkg.dec > | 6 +++ > MdeModulePkg/MdeModulePkg.uni > | 6 +++ > MdeModulePkg/Core/Dxe/DxeMain.inf > | 1 + > MdeModulePkg/Core/Dxe/SectionExtraction/CoreSectionExtraction.c | 52 > +++++++++++++++++--- > 4 files changed, 59 insertions(+), 6 deletions(-) >=20 > -- > 2.19.1.3.g30247aa5d201 >=20 >=20 >=20 >=20 >=20