From: "Gao, Liming" <liming.gao@intel.com>
To: Laszlo Ersek <lersek@redhat.com>,
"edk2-devel@lists.01.org" <edk2-devel@lists.01.org>
Subject: Re: [PATCH v2 0/3] Add more checker for Tianocompress and Ueficompress(CVE FIX)
Date: Tue, 23 Oct 2018 13:55:50 +0000 [thread overview]
Message-ID: <4A89E2EF3DFEDB4C8BFDE51014F606A14E353D27@SHSMSX104.ccr.corp.intel.com> (raw)
In-Reply-To: <c727e0d6-fb16-9103-a190-00dea422edeb@redhat.com>
Thank you. I will update title when push this change.
> -----Original Message-----
> From: Laszlo Ersek [mailto:lersek@redhat.com]
> Sent: Tuesday, October 23, 2018 6:32 PM
> To: Gao, Liming <liming.gao@intel.com>; edk2-devel@lists.01.org
> Subject: Re: [edk2] [PATCH v2 0/3] Add more checker for Tianocompress and Ueficompress(CVE FIX)
>
> Hi Liming,
>
> On 10/22/18 17:18, Liming Gao wrote:
> > In V2, update commit message with fixed CVE number.
> >
> > Fix CVE-2017-5731,CVE-2017-5732,CVE-2017-5733,CVE-2017-5734,CVE-2017-5735
> > https://bugzilla.tianocore.org/show_bug.cgi?id=686
> >
> > Liming Gao (3):
> > MdePkg: Add more checker in UefiDecompressLib to access the valid
> > buffer only(CVE FIX)
> > IntelFrameworkModulePkg: Add more checker in
> > UefiTianoDecompressLib(CVE FIX)
> > BaseTools: Add more checker in Decompress algorithm to access the
> > valid buffer(CVE FIX)
> >
> > BaseTools/Source/C/Common/Decompress.c | 23 +++++++++++++++++--
> > BaseTools/Source/C/TianoCompress/TianoCompress.c | 26 +++++++++++++++++++++-
> > .../BaseUefiTianoCustomDecompressLib.c | 16 +++++++++++--
> > .../BaseUefiDecompressLib/BaseUefiDecompressLib.c | 17 ++++++++++++--
> > 4 files changed, 75 insertions(+), 7 deletions(-)
> >
>
> in the subject lines, please add a space character before the string
> "(CVE FIX)". This can be done before pushing, of course.
>
> I haven't reviewed the patches for correctness, but formally, they look
> OK to me. I'm ACKing the set to confirm that. Thanks for the commit
> message updates.
>
> Acked-by: Laszlo Ersek <lersek@redhat.com>
>
> Laszlo
prev parent reply other threads:[~2018-10-23 13:55 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-10-22 15:18 [PATCH v2 0/3] Add more checker for Tianocompress and Ueficompress(CVE FIX) Liming Gao
2018-10-22 15:18 ` [PATCH v2 1/3] MdePkg: Add more checker in UefiDecompressLib to access the valid buffer only(CVE FIX) Liming Gao
2018-10-22 15:18 ` [PATCH v2 2/3] IntelFrameworkModulePkg: Add more checker in UefiTianoDecompressLib(CVE FIX) Liming Gao
2018-10-22 15:18 ` [PATCH v2 3/3] BaseTools: Add more checker in Decompress algorithm to access the valid buffer(CVE FIX) Liming Gao
2018-10-23 10:32 ` [PATCH v2 0/3] Add more checker for Tianocompress and Ueficompress(CVE FIX) Laszlo Ersek
2018-10-23 13:55 ` Gao, Liming [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-list from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4A89E2EF3DFEDB4C8BFDE51014F606A14E353D27@SHSMSX104.ccr.corp.intel.com \
--to=devel@edk2.groups.io \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox