Re: [edk2-devel] [PATCH 0/6] SECURITY PATCHES TCBZ4117 & TCBZ4118

["Yao, Jiewen" <jiewen.yao@intel.com>]

Hi Doug
Thanks for the fix.

Please remember to CC all SecurityPkg maintainer and reviewer.

I will merge after several days to see if there is any additional feedback from the community.

Thank you
Yao, Jiewen

> -----Original Message-----
> From: Douglas Flick [MSFT] <doug.edk2@gmail.com>
> Sent: Friday, January 12, 2024 2:16 AM
> To: devel@edk2.groups.io
> Cc: Douglas Flick [MSFT] <doug.edk2@gmail.com>; Yao, Jiewen
> <jiewen.yao@intel.com>
> Subject: [PATCH 0/6] SECURITY PATCHES TCBZ4117 & TCBZ4118
> 
> This patch series include the combined / merged security patches
> (as seperate commits) for TCBZ4117 (CVE-2022-36763) and TCBZ4118
> (CVE-2022-36764) for DxeTpm2MeasureBootLib and DxeTpmMeasureBootLib.
> These patches have already been reviewed by SecurityPkg Maintainer
> (Jiewen) on GHSA.
> 
> This patch series (specifically TCBZ4117) supersedes TCBZ2168.
> 
> Cc: Jiewen Yao <jiewen.yao@intel.com>
> 
> Douglas Flick [MSFT] (6):
>   SecurityPkg: DxeTpm2MeasureBootLib: SECURITY PATCH 4117 - CVE
>     2022-36763
>   SecurityPkg: DxeTpmMeasureBootLib: SECURITY PATCH 4117 - CVE
>     2022-36763
>   SecurityPkg: : Adding CVE 2022-36763 to SecurityFixes.yaml
>   SecurityPkg: DxeTpm2MeasureBootLib: SECURITY PATCH 4118 - CVE
>     2022-36764
>   SecurityPkg: DxeTpmMeasureBootLib: SECURITY PATCH 4118 - CVE
>     2022-36764
>   SecurityPkg: : Adding CVE 2022-36764 to SecurityFixes.yaml
> 
>  SecurityPkg/Test/SecurityPkgHostTest.dsc      |   2 +
>  .../DxeTpm2MeasureBootLib.inf                 |   4 +-
>  ...Tpm2MeasureBootLibSanitizationTestHost.inf |  28 ++
>  .../DxeTpmMeasureBootLib.inf                  |   4 +-
>  ...eTpmMeasureBootLibSanitizationTestHost.inf |  28 ++
>  .../DxeTpm2MeasureBootLibSanitization.h       | 139 +++++++
>  .../DxeTpmMeasureBootLibSanitization.h        | 137 +++++++
>  .../DxeTpm2MeasureBootLib.c                   |  87 ++--
>  .../DxeTpm2MeasureBootLibSanitization.c       | 319 +++++++++++++++
>  .../DxeTpm2MeasureBootLibSanitizationTest.c   | 345 ++++++++++++++++
>  .../DxeTpmMeasureBootLib.c                    |  53 ++-
>  .../DxeTpmMeasureBootLibSanitization.c        | 285 +++++++++++++
>  .../DxeTpmMeasureBootLibSanitizationTest.c    | 387 ++++++++++++++++++
>  SecurityPkg/SecurityFixes.yaml                |  36 ++
>  SecurityPkg/SecurityPkg.ci.yaml               |   2 +
>  15 files changed, 1801 insertions(+), 55 deletions(-)
>  create mode 100644
> SecurityPkg/Library/DxeTpm2MeasureBootLib/InternalUnitTest/DxeTpm2Measur
> eBootLibSanitizationTestHost.inf
>  create mode 100644
> SecurityPkg/Library/DxeTpmMeasureBootLib/InternalUnitTest/DxeTpmMeasureB
> ootLibSanitizationTestHost.inf
>  create mode 100644
> SecurityPkg/Library/DxeTpm2MeasureBootLib/DxeTpm2MeasureBootLibSanitiza
> tion.h
>  create mode 100644
> SecurityPkg/Library/DxeTpmMeasureBootLib/DxeTpmMeasureBootLibSanitizatio
> n.h
>  create mode 100644
> SecurityPkg/Library/DxeTpm2MeasureBootLib/DxeTpm2MeasureBootLibSanitiza
> tion.c
>  create mode 100644
> SecurityPkg/Library/DxeTpm2MeasureBootLib/InternalUnitTest/DxeTpm2Measur
> eBootLibSanitizationTest.c
>  create mode 100644
> SecurityPkg/Library/DxeTpmMeasureBootLib/DxeTpmMeasureBootLibSanitizatio
> n.c
>  create mode 100644
> SecurityPkg/Library/DxeTpmMeasureBootLib/InternalUnitTest/DxeTpmMeasureB
> ootLibSanitizationTest.c
>  create mode 100644 SecurityPkg/SecurityFixes.yaml
> 
> --
> 2.43.0


-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#113637): https://edk2.groups.io/g/devel/message/113637
Mute This Topic: https://groups.io/mt/103675434/7686176
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io]
-=-=-=-=-=-=-=-=-=-=-=-