From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <bounce+27952+115341+7686176+12367111@groups.io>
Received: from mail02.groups.io (mail02.groups.io [66.175.222.108])
	by spool.mail.gandi.net (Postfix) with ESMTPS id 1B51DD801B4
	for <rebecca@openfw.io>; Sat, 10 Feb 2024 02:05:02 +0000 (UTC)
DKIM-Signature: a=rsa-sha256; bh=oo9gCjuUs5bv+mGBGvGRhMj6O8ujqnXu6ZtOAektYRI=;
 c=relaxed/simple; d=groups.io;
 h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References:MIME-Version:Precedence:List-Subscribe:List-Help:Sender:List-Id:Mailing-List:Delivered-To:Reply-To:List-Unsubscribe-Post:List-Unsubscribe:Content-Transfer-Encoding;
 s=20140610; t=1707530701; v=1;
 b=V7Ur/+DoxufvCIP7Qf0CAd8NaqzY8a4EL8EyK6S6ELdmt4TmRkrykqLRF1qiYXCDgefJak3K
 QzhR5F7iBIxCN686tnTxHmFcXregS1Max6lOxLIULUag0Y6ScLEFtYccoW4qq/SMzPmcETWBpfO
 UOChwr5tikvtnRJ6K/3U1HwE=
X-Received: by 127.0.0.2 with SMTP id NKXxYY7687511xV6gmkTqmIP; Fri, 09 Feb 2024 18:05:01 -0800
X-Received: from mail-pf1-f169.google.com (mail-pf1-f169.google.com [209.85.210.169])
 by mx.groups.io with SMTP id smtpd.web11.5700.1707530700753190833
 for <devel@edk2.groups.io>;
 Fri, 09 Feb 2024 18:05:00 -0800
X-Received: by mail-pf1-f169.google.com with SMTP id d2e1a72fcca58-6e08dd0fa0bso825553b3a.1
        for <devel@edk2.groups.io>; Fri, 09 Feb 2024 18:05:00 -0800 (PST)
X-Gm-Message-State: bQEAKXIWhvAZKJTbl6zEyLfEx7686176AA=
X-Google-Smtp-Source: AGHT+IGvAnYZdPTQZh7AVLOKRpcToMkBfqIHcLwZLXNqHakB9kWpdv2NQ1nGRTrwSU78Hjsig67skw==
X-Received: by 2002:a05:6a00:2ea4:b0:6e0:8a23:65c with SMTP id fd36-20020a056a002ea400b006e08a23065cmr3546078pfb.13.1707530700014;
        Fri, 09 Feb 2024 18:05:00 -0800 (PST)
X-Forwarded-Encrypted: i=1; AJvYcCUccd+D5YNuZoQUMvHdm1GnD1Ma8fwa9A6o51UdpL26KW+1rl6O31TBStnlWV+zf70myszV82nFfbZjLyvUn/KaF+iOvCozl2PBZmsdVMubyZNU/sNvNgGG8oUZ6s7BovpvmGJYxdyZlg94dXWFiOQEUhEWm07dCobQ0lkzC/raWtlyJLKBMT8xerP92PYqY7SNul9pY9WOkGIFmRvWEbrxlaod6rreeX+8aQThYSkVArQ2SI4nuq4+vzwHe95sx1fwbNh5Y5l8Hw==
X-Received: from localhost.localdomain ([24.17.138.83])
        by smtp.gmail.com with ESMTPSA id r9-20020aa79ec9000000b006e04dd8876csm1197489pfq.210.2024.02.09.18.04.59
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Fri, 09 Feb 2024 18:04:59 -0800 (PST)
From: "Doug Flick via groups.io" <dougflick=microsoft.com@groups.io>
To: devel@edk2.groups.io
Cc: Doug Flick <dougflick@microsoft.com>,
	Saloni Kasbekar <saloni.kasbekar@intel.com>,
	Zachary Clark-williams <zachary.clark-williams@intel.com>,
	Andrew Fish <afish@apple.com>,
	Leif Lindholm <quic_llindhol@quicinc.com>,
	Michael D Kinney <michael.d.kinney@intel.com>,
	"Doug Flick [MSFT]" <doug.edk2@gmail.com>
Subject: [edk2-devel] [PATCH 3/3] [edk2-stable202402] NetworkPkg: : Updating SecurityFixes.yaml
Date: Fri,  9 Feb 2024 19:04:58 -0800
Message-ID: <6bc418560bcad8a3f9647d658d7b99110198e94e.1707534069.git.doug.edk2@gmail.com>
In-Reply-To: <cover.1707534069.git.doug.edk2@gmail.com>
References: <cover.1707534069.git.doug.edk2@gmail.com>
MIME-Version: 1.0
Precedence: Bulk
List-Subscribe: <mailto:devel+subscribe@edk2.groups.io>
List-Help: <mailto:devel+help@edk2.groups.io>
Sender: devel@edk2.groups.io
List-Id: <devel.edk2.groups.io>
Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io
Reply-To: devel@edk2.groups.io,dougflick@microsoft.com
List-Unsubscribe-Post: List-Unsubscribe=One-Click
List-Unsubscribe: <https://edk2.groups.io/g/devel/leave/12367111/7686176/1913456212/plugh>
Content-Transfer-Encoding: quoted-printable
X-GND-Status: LEGIT
Authentication-Results: spool.mail.gandi.net;
	dkim=pass header.d=groups.io header.s=20140610 header.b="V7Ur/+Do";
	spf=pass (spool.mail.gandi.net: domain of bounce@groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce@groups.io;
	dmarc=pass (policy=none) header.from=groups.io

From: Doug Flick <dougflick@microsoft.com>

This captures the related security change for Dhcp6Dxe that is related
to CVE-2023-45229

Cc: Saloni Kasbekar <saloni.kasbekar@intel.com>
Cc: Zachary Clark-williams <zachary.clark-williams@intel.com>

Cc: Andrew Fish <afish@apple.com>
Cc: Leif Lindholm <quic_llindhol@quicinc.com>
Cc: Michael D Kinney <michael.d.kinney@intel.com>

Signed-off-by: Doug Flick [MSFT] <doug.edk2@gmail.com>
---
 NetworkPkg/SecurityFixes.yaml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/NetworkPkg/SecurityFixes.yaml b/NetworkPkg/SecurityFixes.yaml
index 7e900483fec5..fa42025e0d82 100644
--- a/NetworkPkg/SecurityFixes.yaml
+++ b/NetworkPkg/SecurityFixes.yaml
@@ -8,6 +8,7 @@ CVE_2023_45229:
   commit_titles:=0D
     - "NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45229 Patch"=0D
     - "NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45229 Unit Tests"=0D
+    - "NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45229 Related Patch"=
=0D
   cve: CVE-2023-45229=0D
   date_reported: 2023-08-28 13:56 UTC=0D
   description: "Bug 01 - edk2/NetworkPkg: Out-of-bounds read when processi=
ng IA_NA/IA_TA options in a DHCPv6 Advertise message"=0D
--=20
2.43.0



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#115341): https://edk2.groups.io/g/devel/message/115341
Mute This Topic: https://groups.io/mt/104272128/7686176
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io]
-=-=-=-=-=-=-=-=-=-=-=-