From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <bounce+27952+118768+7686176+12367111@groups.io>
Received: from mail05.groups.io (mail05.groups.io [45.79.224.7])
	by spool.mail.gandi.net (Postfix) with ESMTPS id 3E129941D13
	for <rebecca@openfw.io>; Thu,  9 May 2024 18:26:30 +0000 (UTC)
DKIM-Signature: a=rsa-sha256; bh=c3x7zOk4naixwhChQhXyuMSfSev7bAtC+I9JsyC4Lbc=;
 c=relaxed/simple; d=groups.io;
 h=Subject:To:From:User-Agent:MIME-Version:Date:References:In-Reply-To:Message-ID:Precedence:List-Subscribe:List-Help:Sender:List-Id:Mailing-List:Delivered-To:Reply-To:List-Unsubscribe-Post:List-Unsubscribe:Content-Type;
 s=20240206; t=1715279188; v=1;
 b=SVhL/vAWUAkXrd/ObjZKm89KRimqFduHHsPa5oAG7mE1q3RFvvlvOCre/W40W+l18h5FHWii
 HVXcDNSP4qiJy+h8rLohxSof0WUinH5xC7nq18sH0H+B4Su7OuO4KvkNHZ6bnlgq3KeXvyPIx7Z
 p2PEmq8nil/fHlhqBxDil7t8UIUFYuwxHkcMAmM6yUUbxs7qoStP1A8gDd1gck8c+tHS09x2Nua
 SNLi7JyIdSsosnlsMFeYV9p3phDzw/4iSgfoQgb9kFBy5ewWWtm97U8BkoL+Pf7OGOgbOt8RrqD
 EeSxQ7UMgpDJtwLVnp6jKURO+GEAW8GfN1a1bPrS8IMBw==
X-Received: by 127.0.0.2 with SMTP id tSkqYY7687511x8zMeaK9vTx; Thu, 09 May 2024 11:26:28 -0700
Subject: =?UTF-8?B?UmU6IFtlZGsyLWRldmVsXSDlm57lpI06IFtlZGsyLWRldmVsXVtlZGsyLXN0YWJsZTIwMjQwNV0gW1BBVENIIHYyIDAwLzEzXSBOZXR3b3JrUGtnOiBDVkUtMjAyMy00NTIzNiBhbmQgQ1ZFLTIwMjMtNDUyMzc=?=
To: "gaoliming" <gaoliming@byosoft.com.cn>, devel@edk2.groups.io
From: "Doug Flick via groups.io" <dougflick=microsoft.com@groups.io>
X-Originating-Location: Redmond, Washington, US (131.107.174.184)
X-Originating-Platform: Windows Chrome 124
User-Agent: GROUPS.IO Web Poster
MIME-Version: 1.0
Date: Thu, 09 May 2024 11:26:27 -0700
References: <012c01daa1f4$f141bb80$d3c53280$@byosoft.com.cn>
In-Reply-To: <012c01daa1f4$f141bb80$d3c53280$@byosoft.com.cn>
Message-ID: <28286.1715279187867794028@groups.io>
Precedence: Bulk
List-Subscribe: <mailto:devel+subscribe@edk2.groups.io>
List-Help: <mailto:devel+help@edk2.groups.io>
Sender: devel@edk2.groups.io
List-Id: <devel.edk2.groups.io>
Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io
Reply-To: devel@edk2.groups.io,dougflick@microsoft.com
List-Unsubscribe-Post: List-Unsubscribe=One-Click
List-Unsubscribe: <https://edk2.groups.io/g/devel/leave/12367111/7686176/1913456212/plugh>
X-Gm-Message-State: bcNR22xHJBDVSP3c9wIKABH5x7686176AA=
Content-Type: multipart/alternative; boundary="xvcpsuiaQ3zr6wVpnQxy"
X-GND-Status: LEGIT
Authentication-Results: spool.mail.gandi.net;
	dkim=pass header.d=groups.io header.s=20240206 header.b="SVhL/vAW";
	dmarc=pass (policy=none) header.from=groups.io;
	spf=pass (spool.mail.gandi.net: domain of bounce@groups.io designates 45.79.224.7 as permitted sender) smtp.mailfrom=bounce@groups.io

--xvcpsuiaQ3zr6wVpnQxy
Content-Type: text/plain; charset="utf-8"; markup=markdown
Content-Transfer-Encoding: quoted-printable

>From the two CVE patches there should be no functional differences to a pla=
tform assuming the platform provides them with a RNG implementation and HAS=
H2 implementation.=20

The "NetworkPkg:: SECURITY PATCH CVE-2023-45237" change simply get's it's r=
andom numbers from outside of the NetworkPkg and makes it a platform decisi=
on.
The "NetworkPkg: TcpDxe: SECURITY PATCH CVE-2023-45236" changes how the TCP=
 Isn number is generated and puts the platform in compliance with the relev=
ant specification.=20

There is a functional change with  "SecurityPkg: RngDxe: Remove incorrect l=
imitation on GetRng" as this will now allow a caller to call less than 32 b=
ytes.=20

The other changes are unit tests and platform integration changes.


-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#118768): https://edk2.groups.io/g/devel/message/118768
Mute This Topic: https://groups.io/mt/105998004/7686176
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io]
-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-



--xvcpsuiaQ3zr6wVpnQxy
Content-Type: text/html; charset="utf-8"
Content-Transfer-Encoding: quoted-printable

<p>From the two CVE patches there should be no functional differences to a =
platform assuming the platform provides them with a RNG implementation and =
HASH2 implementation.</p>

<p>The &quot;NetworkPkg:: SECURITY PATCH CVE-2023-45237&quot; change simply=
 get's it's random numbers from outside of the NetworkPkg and makes it a pl=
atform decision.
The &quot;NetworkPkg: TcpDxe: SECURITY PATCH CVE-2023-45236&quot; changes h=
ow the TCP Isn number is generated and puts the platform in compliance with=
 the relevant specification.</p>

<p>There is a functional change with  &quot;SecurityPkg: RngDxe: Remove inc=
orrect limitation on GetRng&quot; as this will now allow a caller to call l=
ess than 32 bytes.</p>

<p>The other changes are unit tests and platform integration changes.</p>


<div width=3D"1" style=3D"color:white;clear:both">_._,_._,_</div>
<hr>


Groups.io Links:<p>


 =20
    You receive all messages sent to this group.
 =20
 =20


<p>
<a target=3D"_blank" href=3D"https://edk2.groups.io/g/devel/message/118768"=
>View/Reply Online (#118768)</a> |


 =20

|

  <a target=3D"_blank" href=3D"https://groups.io/mt/105998004/7686176">Mute=
 This Topic</a>


| <a href=3D"https://edk2.groups.io/g/devel/post">New Topic</a>

<br>




<a href=3D"https://edk2.groups.io/g/devel/editsub/7686176">Your Subscriptio=
n</a> |
<a href=3D"mailto:devel+owner@edk2.groups.io">Contact Group Owner</a> |

<a href=3D"https://edk2.groups.io/g/devel/unsub">Unsubscribe</a>

 [rebecca@openfw.io]<br>
<div width=3D"1" style=3D"color:white;clear:both">_._,_._,_</div>


--xvcpsuiaQ3zr6wVpnQxy--