From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <bounce+27952+115410+7686176+12367111@groups.io>
Received: from mail02.groups.io (mail02.groups.io [66.175.222.108])
	by spool.mail.gandi.net (Postfix) with ESMTPS id 2B1A4941E18
	for <rebecca@openfw.io>; Tue, 13 Feb 2024 19:41:13 +0000 (UTC)
DKIM-Signature: a=rsa-sha256; bh=pe52A7iANzGEuIlTBZmHFaPatTLaUGs6Wf1tiPpD1PM=;
 c=relaxed/simple; d=groups.io;
 h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References:MIME-Version:Precedence:List-Subscribe:List-Help:Sender:List-Id:Mailing-List:Delivered-To:Reply-To:List-Unsubscribe-Post:List-Unsubscribe:Content-Transfer-Encoding;
 s=20140610; t=1707853271; v=1;
 b=eUqExGI1qCKs116NsS8m9f+j+YeG3ibCq9Z5xxB8l1+pGga9jgXodeZEEnaW4SyYDVJ4icVj
 /ktggDRYAVihtE4xakzN0YuYQIRFi6uov8ne9+EScoIntMnmmallgVqw/eY1SZpD+AQmyMSBLVz
 K/+CObNKAluy6owzijEHjiYM=
X-Received: by 127.0.0.2 with SMTP id so7NYY7687511xA6eNXZWMmr; Tue, 13 Feb 2024 11:41:11 -0800
X-Received: from mail-pl1-f169.google.com (mail-pl1-f169.google.com [209.85.214.169])
 by mx.groups.io with SMTP id smtpd.web11.23015.1707853270537386550
 for <devel@edk2.groups.io>;
 Tue, 13 Feb 2024 11:41:10 -0800
X-Received: by mail-pl1-f169.google.com with SMTP id d9443c01a7336-1d7232dcb3eso35181155ad.2
        for <devel@edk2.groups.io>; Tue, 13 Feb 2024 11:41:10 -0800 (PST)
X-Gm-Message-State: sPDUI5ib4bwQuQ71Qz72ILMmx7686176AA=
X-Google-Smtp-Source: AGHT+IFGkvo8iCtQXiRhiD2TSy38juchJ9nBMqOfZgKdS6TK2Yo6y/AODvUEwr0XZTEdOKdPsQQxag==
X-Received: by 2002:a17:902:cec2:b0:1da:1b60:21ff with SMTP id d2-20020a170902cec200b001da1b6021ffmr535515plg.13.1707853269691;
        Tue, 13 Feb 2024 11:41:09 -0800 (PST)
X-Forwarded-Encrypted: i=1; AJvYcCUy7wJdZzEj7vyA3ldgPX7/uT+6X1wRY9bED3S3D1KLFRfhBFN2xFmjn/IOtSUi96QurVhVHMUlWF01n1KmkHSRjap0BBmtFhLIsWblGdqjWuliYAZy7RNC6MKQrBKjq83BodJufQzrut+tzw4Y9SdIWUPB0TSnlul+pmP86MiOmQ==
X-Received: from localhost.localdomain ([131.107.147.247])
        by smtp.gmail.com with ESMTPSA id ks6-20020a170903084600b001d9588f0714sm2436189plb.177.2024.02.13.11.41.08
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Tue, 13 Feb 2024 11:41:09 -0800 (PST)
From: "Doug Flick via groups.io" <dougflick=microsoft.com@groups.io>
To: devel@edk2.groups.io
Cc: Doug Flick <dougflick@microsoft.com>,
	Saloni Kasbekar <saloni.kasbekar@intel.com>,
	Zachary Clark-williams <zachary.clark-williams@intel.com>,
	"Doug Flick [MSFT]" <doug.edk2@gmail.com>
Subject: [edk2-devel] [PATCH v2 4/4] NetworkPkg: : Updating SecurityFixes.yaml
Date: Tue, 13 Feb 2024 10:46:03 -0800
Message-Id: <20240213184603.2985-5-doug.edk2@gmail.com>
In-Reply-To: <20240213184603.2985-1-doug.edk2@gmail.com>
References: <20240213184603.2985-1-doug.edk2@gmail.com>
MIME-Version: 1.0
Precedence: Bulk
List-Subscribe: <mailto:devel+subscribe@edk2.groups.io>
List-Help: <mailto:devel+help@edk2.groups.io>
Sender: devel@edk2.groups.io
List-Id: <devel.edk2.groups.io>
Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io
Reply-To: devel@edk2.groups.io,dougflick@microsoft.com
List-Unsubscribe-Post: List-Unsubscribe=One-Click
List-Unsubscribe: <https://edk2.groups.io/g/devel/leave/12367111/7686176/1913456212/plugh>
Content-Transfer-Encoding: quoted-printable
X-GND-Status: LEGIT
Authentication-Results: spool.mail.gandi.net;
	dkim=pass header.d=groups.io header.s=20140610 header.b=eUqExGI1;
	dmarc=pass (policy=none) header.from=groups.io;
	spf=pass (spool.mail.gandi.net: domain of bounce@groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce@groups.io

From: Doug Flick <dougflick@microsoft.com>

This captures the related security change for Dhcp6Dxe that is related
to CVE-2023-45229

Cc: Saloni Kasbekar <saloni.kasbekar@intel.com>
Cc: Zachary Clark-williams <zachary.clark-williams@intel.com>

Signed-off-by: Doug Flick [MSFT] <doug.edk2@gmail.com>
---
 NetworkPkg/SecurityFixes.yaml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/NetworkPkg/SecurityFixes.yaml b/NetworkPkg/SecurityFixes.yaml
index 7e900483fec5..fa42025e0d82 100644
--- a/NetworkPkg/SecurityFixes.yaml
+++ b/NetworkPkg/SecurityFixes.yaml
@@ -8,6 +8,7 @@ CVE_2023_45229:
   commit_titles:=0D
     - "NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45229 Patch"=0D
     - "NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45229 Unit Tests"=0D
+    - "NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45229 Related Patch"=
=0D
   cve: CVE-2023-45229=0D
   date_reported: 2023-08-28 13:56 UTC=0D
   description: "Bug 01 - edk2/NetworkPkg: Out-of-bounds read when processi=
ng IA_NA/IA_TA options in a DHCPv6 Advertise message"=0D
--=20
2.34.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#115410): https://edk2.groups.io/g/devel/message/115410
Mute This Topic: https://groups.io/mt/104339709/7686176
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io]
-=-=-=-=-=-=-=-=-=-=-=-