From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from mga02.intel.com (mga02.intel.com [134.134.136.20])
 by mx.groups.io with SMTP id smtpd.web10.7971.1574747612417633946
 for <devel@edk2.groups.io>;
 Mon, 25 Nov 2019 21:53:32 -0800
Authentication-Results: mx.groups.io;
 dkim=pass header.i=@intel.onmicrosoft.com header.s=selector2-intel-onmicrosoft-com header.b=TbyT88PM;
 spf=pass (domain: intel.com, ip: 134.134.136.20, mailfrom: michael.a.kubacki@intel.com)
X-Amp-Result: SKIPPED(no attachment in message)
X-Amp-File-Uploaded: False
Received: from fmsmga006.fm.intel.com ([10.253.24.20])
  by orsmga101.jf.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 25 Nov 2019 21:53:31 -0800
X-ExtLoop1: 1
X-IronPort-AV: E=Sophos;i="5.69,244,1571727600"; 
   d="scan'208";a="409868219"
Received: from fmsmsx103.amr.corp.intel.com ([10.18.124.201])
  by fmsmga006.fm.intel.com with ESMTP; 25 Nov 2019 21:53:31 -0800
Received: from fmsmsx162.amr.corp.intel.com (10.18.125.71) by
 FMSMSX103.amr.corp.intel.com (10.18.124.201) with Microsoft SMTP Server (TLS)
 id 14.3.439.0; Mon, 25 Nov 2019 21:53:31 -0800
Received: from FMSEDG002.ED.cps.intel.com (10.1.192.134) by
 fmsmsx162.amr.corp.intel.com (10.18.125.71) with Microsoft SMTP Server (TLS)
 id 14.3.439.0; Mon, 25 Nov 2019 21:53:31 -0800
Received: from NAM05-CO1-obe.outbound.protection.outlook.com (104.47.48.59) by
 edgegateway.intel.com (192.55.55.69) with Microsoft SMTP Server (TLS) id
 14.3.439.0; Mon, 25 Nov 2019 21:53:31 -0800
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none;
 b=bgrdQqBUTSd/8T/wB2Ak5X1KL2Oxt3nrv/sOaUBerb08K647iEw8KQevcOtx8nvf33+OHusKRmA2JcPBW/ZuOEzc0ckvc8T/cIahI3D/y3gaUyac+MInTjkECfnDzIRK5apPz9mByY0q+Ds/8oDHcykkuLSA7BqIqmpF9TqkU7KxLiSwMnrFEvs8CDh2FXx+dnOk6+7MuGevNxmQV9znTo6Gox0JXa1fzSYqU2R0WUw4L+vAB8QgtibbHYaK0Qt6Kd0e6W+1v2Vc5B/WdGelkplUD3phzdF2gh2XoCXppH+pUEmxyn9snEX0op1Fqz9Itgjaect1/RNg+ZuNVxgTqA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;
 s=arcselector9901;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
 bh=X/YCKxFkJp19qP2QjnaywR7N7FGkA6GCul3WTglNalI=;
 b=T1Zf6BZhyroCYlfnGUSCRNclRZscw1/Nab3LE8RSh2M4xD9YAAw+D8mvrjRMZGNdPmX6cjkeO1ZpWDlX173RAluqJm7oKLahbA1RdI8zNZNpeorIF3Y5R5KYy1NEPxu3P5rpzPsF1oxk8Ml77Br7BSlPiME8VakpVknt3zCTSK1zXY/p4gTDhTw/F+iv2seMd7l5oUg0+kPzI88qcKUYGWJxFH9GCNGW14Y/cA3j5iAI3+MYgXNnWq+bL16CAlhDm9QpEJ7RPzw5O99qkoZWEVbyySGBr2DhfxgMO2FySpjMXzdZp69IPRlokmEdMFBvjNdW2iC55B0YdL30a7oSVw==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass
 smtp.mailfrom=intel.com; dmarc=pass action=none header.from=intel.com;
 dkim=pass header.d=intel.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=intel.onmicrosoft.com;
 s=selector2-intel-onmicrosoft-com;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
 bh=X/YCKxFkJp19qP2QjnaywR7N7FGkA6GCul3WTglNalI=;
 b=TbyT88PMUguqwWWdyLlwWpf0ynlYrDsQJKhFLUCW7CvSuSFwPetE95Ofnn+YBJ6k8MnM87vGDRcHTfJvp9jGYJjFMwC/lEjrTbSbuYsiSHlWRuf72RgzUV8rTOUCVUr71gU3Zbh++A4qxyTN1Sfhqehmu4bIiuk4x2haW7fKapU=
Received: from BY5PR11MB4484.namprd11.prod.outlook.com (52.132.254.155) by
 BY5PR11MB4403.namprd11.prod.outlook.com (52.132.252.96) with Microsoft SMTP
 Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 15.20.2474.17; Tue, 26 Nov 2019 05:53:10 +0000
Received: from BY5PR11MB4484.namprd11.prod.outlook.com
 ([fe80::a114:604b:7ca3:5420]) by BY5PR11MB4484.namprd11.prod.outlook.com
 ([fe80::a114:604b:7ca3:5420%7]) with mapi id 15.20.2474.023; Tue, 26 Nov 2019
 05:53:10 +0000
From: "Kubacki, Michael A" <michael.a.kubacki@intel.com>
To: "devel@edk2.groups.io" <devel@edk2.groups.io>, "Gao, Liming"
	<liming.gao@intel.com>
Subject: Re: [edk2-devel] [edk2-wiki][patch] Move feature BootGuard TOCTOU vulnerability to next edk2 stable tag
Thread-Topic: [edk2-devel] [edk2-wiki][patch] Move feature BootGuard TOCTOU
 vulnerability to next edk2 stable tag
Thread-Index: AQHVoD8OA443ihhyeU6QEOn4F0OlB6ec+svA
Date: Tue, 26 Nov 2019 05:53:10 +0000
Message-ID: <BY5PR11MB4484D2F701C7D5777E74A7C5B5450@BY5PR11MB4484.namprd11.prod.outlook.com>
References: <1574322035-15740-1-git-send-email-liming.gao@intel.com>
In-Reply-To: <1574322035-15740-1-git-send-email-liming.gao@intel.com>
Accept-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
dlp-product: dlpe-windows
x-ctpclassification: CTP_NT
x-titus-metadata-40: eyJDYXRlZ29yeUxhYmVscyI6IiIsIk1ldGFkYXRhIjp7Im5zIjoiaHR0cDpcL1wvd3d3LnRpdHVzLmNvbVwvbnNcL0ludGVsMyIsImlkIjoiOTdjZTY4MGEtZDJhZC00NGM5LWE0MjUtN2E5ODBmZjc2NDVjIiwicHJvcHMiOlt7Im4iOiJDVFBDbGFzc2lmaWNhdGlvbiIsInZhbHMiOlt7InZhbHVlIjoiQ1RQX05UIn1dfV19LCJTdWJqZWN0TGFiZWxzIjpbXSwiVE1DVmVyc2lvbiI6IjE3LjEwLjE4MDQuNDkiLCJUcnVzdGVkTGFiZWxIYXNoIjoiMFZWQ3dpVGJjNVRPWiswMGQ3KzJmZnhwRHpJSFZicjhGcWt5MEMySlBFQWZjZllZR0U4OGYzaTV1SVVPSEplUSJ9
dlp-reaction: no-action
dlp-version: 11.2.0.6
authentication-results: spf=none (sender IP is )
 smtp.mailfrom=michael.a.kubacki@intel.com; 
x-originating-ip: [134.134.136.217]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 820c450f-a861-42e4-6c8f-08d77234eb48
x-ms-traffictypediagnostic: BY5PR11MB4403:
x-ms-exchange-purlcount: 10
x-ld-processed: 46c98d88-e344-4ed4-8496-4ed7712e255d,ExtAddr
x-ms-exchange-transport-forked: True
x-microsoft-antispam-prvs: <BY5PR11MB4403CEC65D65D72233C0866EB5450@BY5PR11MB4403.namprd11.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:5516;
x-forefront-prvs: 0233768B38
x-forefront-antispam-report: SFV:NSPM;SFS:(10019020)(346002)(366004)(39860400002)(376002)(136003)(396003)(13464003)(199004)(189003)(186003)(256004)(14444005)(6636002)(52536014)(6506007)(53546011)(110136005)(478600001)(229853002)(33656002)(66066001)(6436002)(316002)(86362001)(74316002)(71200400001)(71190400001)(446003)(2906002)(102836004)(25786009)(305945005)(11346002)(6116002)(7736002)(3846002)(6246003)(7696005)(66446008)(5660300002)(99286004)(26005)(966005)(76176011)(8676002)(81156014)(81166006)(55016002)(14454004)(2501003)(66946007)(8936002)(9686003)(64756008)(66556008)(66476007)(6306002)(76116006);DIR:OUT;SFP:1102;SCL:1;SRVR:BY5PR11MB4403;H:BY5PR11MB4484.namprd11.prod.outlook.com;FPR:;SPF:None;LANG:en;PTR:InfoNoRecords;A:1;MX:1;
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: 7rHTXhkRbHsdjwUkLa1jg+bfc/mSm51PkjetFT7xgrpMRzZD7DP8ivnSlpOtL0e3z2M85+wTwM3bLXrQkMYm7EKe332PhFchRugU9/Nrxi7mq7MhzPeV8FaBFN84THZeLNVrweQAIzMj6mU8oLNl9bI3MYjsz4smmFHP8suzc6xQP9RwNx8QvL0KH3TNLS6vsZsxJVA0sTSMBunX+pj5SzI1L3iGO8L79tXJuldw2UuWC2PKXafataaO6CnNw8OGYfvADARSkyhO4ll3/2IeNemY9XTldIfAkry1YpcTd01v/xTIi6PIMl2lj63I+tN1IO/Nw1Qf3/jvWQjEemTy3I5SGOKpraO+FHKlHKnBhVXceYn9JDvMeM2rXUAiXtqs9nKtB9oInFZn/llZm8YQTi3fCNqtpZo2vCtJllhyE6pwrZQpIDRtOJ4zepxiNP9WfL20RaGBAUdLJpCCwLADJdTRKLIS2dTo8Hfz+AQHOic=
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-Network-Message-Id: 820c450f-a861-42e4-6c8f-08d77234eb48
X-MS-Exchange-CrossTenant-originalarrivaltime: 26 Nov 2019 05:53:10.6343
 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 46c98d88-e344-4ed4-8496-4ed7712e255d
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: cRRFF8VN+r/RxnvdelyYa4Yh9SJsPwOINCDsVHIG9AZT6d7W1Z8cpn8z6vBAyBsm8VdkNbZe9xblQV8EwjLAgeNgUHkVctHr3hX7reaD2Yw=
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BY5PR11MB4403
Return-Path: michael.a.kubacki@intel.com
X-OriginatorOrg: intel.com
Content-Language: en-US
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable

Reviewed-by: Michael Kubacki <michael.a.kubacki@intel.com>

> -----Original Message-----
> From: devel@edk2.groups.io <devel@edk2.groups.io> On Behalf Of Liming
> Gao
> Sent: Wednesday, November 20, 2019 11:41 PM
> To: devel@edk2.groups.io
> Cc: Kubacki, Michael A <michael.a.kubacki@intel.com>
> Subject: [edk2-devel] [edk2-wiki][patch] Move feature BootGuard TOCTOU
> vulnerability to next edk2 stable tag
>=20
> This feature doesn't catch 201911 stable tag.
> Plan to defer this feature to next stable tag.
>=20
> Signed-off-by: Liming Gao <liming.gao@intel.com>
> Cc: Michael Kubacki <michael.a.kubacki@intel.com>
> ---
>  EDK-II-Release-Planning.md | 1 -
>  1 file changed, 1 deletion(-)
>=20
> diff --git a/EDK-II-Release-Planning.md b/EDK-II-Release-Planning.md ind=
ex
> 704e956..dabda3c 100644
> --- a/EDK-II-Release-Planning.md
> +++ b/EDK-II-Release-Planning.md
> @@ -22,7 +22,6 @@
>  * [Allow PCDs to be used in conditional statements if not referenced in=
 an
> INF](https://bugzilla.tianocore.org/show_bug.cgi?id=3D2270)
>  * [Add Support Laml and Lasa for TPM2
> ACPI](https://bugzilla.tianocore.org/show_bug.cgi?id=3D978)
>  * [Add PCI Device Security
> Support](https://bugzilla.tianocore.org/show_bug.cgi?id=3D2303)
> -* [BootGuard TOCTOU vulnerability (CVE-2019-
> 11098)](https://bugzilla.tianocore.org/show_bug.cgi?id=3D1614)
>  * [Invalid server certificate accepted in HTTPS Boot (CVE-2019-
> 14553)](https://bugzilla.tianocore.org/show_bug.cgi?id=3D960)
>  * [MdeModulePkg: Enable/Disable S3BootScript
> dynamically](https://bugzilla.tianocore.org/show_bug.cgi?id=3D2212)
>  * [Enable Phase 1 of Continuous Integration (CI) on the edk2
> repository](https://bugzilla.tianocore.org/show_bug.cgi?id=3D2315)
> --
> 2.13.0.windows.1
>=20
>=20
>=20