From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [216.205.24.124]) by mx.groups.io with SMTP id smtpd.web12.7955.1605786643508315671 for ; Thu, 19 Nov 2020 03:50:43 -0800 Authentication-Results: mx.groups.io; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=e7EOSvz/; spf=pass (domain: redhat.com, ip: 216.205.24.124, mailfrom: lersek@redhat.com) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1605786642; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=tXh1NsJEjMRJkLXANHZmuLqKY+t1bJCIZQLbDPkz0Zk=; b=e7EOSvz/GOt2+EdXah46PO5aAAsiqYAwquwQzSftep9LlvuZWlnDhEJdy5z3XRrxYTzzXo /zNVA27yfIDVgw0J1SzAUBoZQ8QinWgaNy8vCNVxbgvLEujTFwZgrZERgSdKIOI2D0EFIp w+VMyCvofNOw9ghe9OLneaBzMewUQso= Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-187-bYV7Jh8MPR2_oCptEzA7oQ-1; Thu, 19 Nov 2020 06:50:38 -0500 X-MC-Unique: bYV7Jh8MPR2_oCptEzA7oQ-1 Received: from smtp.corp.redhat.com (int-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.11]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 2C11E801B1E; Thu, 19 Nov 2020 11:50:37 +0000 (UTC) Received: from lacos-laptop-7.usersys.redhat.com (ovpn-112-236.ams2.redhat.com [10.36.112.236]) by smtp.corp.redhat.com (Postfix) with ESMTP id A1D7B12D7E; Thu, 19 Nov 2020 11:50:35 +0000 (UTC) From: "Laszlo Ersek" To: edk2-devel-groups-io Cc: Dandan Bi , Hao A Wu , Jian J Wang , Liming Gao , =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= Subject: [PATCH RESEND 0/1] security fix: possible heap corruption with LzmaUefiDecompressGetInfo Date: Thu, 19 Nov 2020 12:50:33 +0100 Message-Id: <20201119115034.12897-1-lersek@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.11 Authentication-Results: relay.mimecast.com; auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=lersek@redhat.com X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: base64 UmVwbzogICBodHRwczovL3BhZ3VyZS5pby9sZXJzZWsvZWRrMi5naXQKQnJhbmNoOiB0aWFub2Nv cmVfMTgxNl9yZXNlbmQKUmVmOiAgICBodHRwczovL2J1Z3ppbGxhLnRpYW5vY29yZS5vcmcvc2hv d19idWcuY2dpP2lkPTE4MTYKCiJSRVNFTkQiIGJlY2F1c2UgSSdtIHB1YmxpY2x5IHBvc3Rpbmcg dGhlIHBhdGNoIGZyb20KPGh0dHBzOi8vYnVnemlsbGEudGlhbm9jb3JlLm9yZy9zaG93X2J1Zy5j Z2k/aWQ9MTgxNiNjOT4uCgpUaGUgUmV2aWV3ZWQtYnkgdGFncyBvbiB0aGUgcGF0Y2ggb3JpZ2lu YXRlIGZyb20KPGh0dHBzOi8vYnVnemlsbGEudGlhbm9jb3JlLm9yZy9zaG93X2J1Zy5jZ2k/aWQ9 MTgxNiNjMTI+IGFuZAo8aHR0cHM6Ly9idWd6aWxsYS50aWFub2NvcmUub3JnL3Nob3dfYnVnLmNn aT9pZD0xODE2I2MxNz4uCgpSZXBlYXRlZCB0aGUgc2ltcGxlIHJlZ3Jlc3Npb24gdGVzdCBhdAo8 aHR0cHM6Ly9idWd6aWxsYS50aWFub2NvcmUub3JnL3Nob3dfYnVnLmNnaT9pZD0xODE2I2MxMD4u CgpUaGlzIHNlcmllcyB0YXJnZXRzIGVkazItc3RhYmxlMjAyMDExLiBJIHBsYW4gdG8gbWVyZ2Ug aXQgbGF0ZXIgdGhpcwp3ZWVrLCBiYXNlZCBvbiBMaW1pbmcncyBSLWIuCgpMaW1pbmcsIGhpZ2hs aWdodGluZyBUaWFub0NvcmUjMTgxNiBpbiB0aGUgInByb3Bvc2VkIGZlYXR1cmVzIiBsaXN0CmNv dWxkIGJlIHVzZWZ1bC4KCkNjOiBEYW5kYW4gQmkgPGRhbmRhbi5iaUBpbnRlbC5jb20+CkNjOiBI YW8gQSBXdSA8aGFvLmEud3VAaW50ZWwuY29tPgpDYzogSmlhbiBKIFdhbmcgPGppYW4uai53YW5n QGludGVsLmNvbT4KQ2M6IExpbWluZyBHYW8gPGdhb2xpbWluZ0BieW9zb2Z0LmNvbS5jbj4KQ2M6 IFBoaWxpcHBlIE1hdGhpZXUtRGF1ZMOpIDxwaGlsbWRAcmVkaGF0LmNvbT4KClRoYW5rcyEKTGFz emxvCgpMYXN6bG8gRXJzZWsgKDEpOgogIE1kZU1vZHVsZVBrZy9Mem1hQ3VzdG9tRGVjb21wcmVz c0xpYjogY2F0Y2ggNEdCKyB1bmNvbXByZXNzZWQgYnVmZmVyCiAgICBzaXplcwoKIE1kZU1vZHVs ZVBrZy9MaWJyYXJ5L0x6bWFDdXN0b21EZWNvbXByZXNzTGliL0x6bWFEZWNvbXByZXNzTGliSW50 ZXJuYWwuaCB8IDUgKysrKysKIE1kZU1vZHVsZVBrZy9MaWJyYXJ5L0x6bWFDdXN0b21EZWNvbXBy ZXNzTGliL0x6bWFEZWNvbXByZXNzLmMgICAgICAgICAgICB8IDcgKysrKysrKwogMiBmaWxlcyBj aGFuZ2VkLCAxMiBpbnNlcnRpb25zKCspCgotLSAKMi4xOS4xLjMuZzMwMjQ3YWE1ZDIwMQoK