tyler.durden
/
audk
mirror of https://github.com/acidanthera/audk.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

SecurityPkg: : Updating SecurityFixes.yaml after symbol rename 

Adding the new commit titles for the symbol renames

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Rahul Kumar <rahul1.kumar@intel.com>

Signed-off-by: Doug Flick [MSFT] <doug.edk2@gmail.com>
Message-Id: <5e0e851e97459e183420178888d4fcdadc2f1ae1.1705529990.git.doug.edk2@gmail.com>
Reviewed-by: Jiewen Yao <Jiewen.yao@intel.com>
This commit is contained in:
Doug Flick 2024-01-17 14:47:22 -08:00 committed by mergify[bot]
parent 326db0c907
commit 264636d8e6
1 changed files with 17 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

28
SecurityPkg/SecurityFixes.yaml
View File

@ -9,28 +9,34 @@ CVE_2022_36763:
- "SecurityPkg: DxeTpm2Measurement: SECURITY PATCH 4117 - CVE 2022-36763" - "SecurityPkg: DxeTpm2Measurement: SECURITY PATCH 4117 - CVE 2022-36763"
- "SecurityPkg: DxeTpmMeasurement: SECURITY PATCH 4117 - CVE 2022-36763" - "SecurityPkg: DxeTpmMeasurement: SECURITY PATCH 4117 - CVE 2022-36763"
- "SecurityPkg: : Adding CVE 2022-36763 to SecurityFixes.yaml" - "SecurityPkg: : Adding CVE 2022-36763 to SecurityFixes.yaml"
- "SecurityPkg: DxeTpm2MeasureBootLib: SECURITY PATCH 4117/4118 symbol rename"
- "SecurityPkg: DxeTpmMeasureBootLib: SECURITY PATCH 4117/4118 symbol rename"
- "SecurityPkg: : Updating SecurityFixes.yaml after symbol rename"
cve: CVE-2022-36763 cve: CVE-2022-36763
date_reported: 2022-10-25 11:31 UTC date_reported: 2022-10-25 11:31 UTC
description: (CVE-2022-36763) - Heap Buffer Overflow in Tcg2MeasureGptTable() description: (CVE-2022-36763) - Heap Buffer Overflow in Tcg2MeasureGptTable()
note: This patch is related to and supersedes TCBZ2168 note: This patch is related to and supersedes TCBZ2168
files_impacted: files_impacted:
- Library\DxeTpm2MeasureBootLib\DxeTpm2MeasureBootLib.c - Library\DxeTpm2MeasureBootLib\DxeTpm2MeasureBootLib.c
- Library\DxeTpmMeasureBootLib\DxeTpmMeasureBootLib.c - Library\DxeTpmMeasureBootLib\DxeTpmMeasureBootLib.c
links: links:
- https://bugzilla.tianocore.org/show_bug.cgi?id=4117 - https://bugzilla.tianocore.org/show_bug.cgi?id=4117
- https://bugzilla.tianocore.org/show_bug.cgi?id=2168 - https://bugzilla.tianocore.org/show_bug.cgi?id=2168
- https://bugzilla.tianocore.org/show_bug.cgi?id=1990 - https://bugzilla.tianocore.org/show_bug.cgi?id=1990
CVE_2022_36764: CVE_2022_36764:
commit_titles: commit_titles:
- "SecurityPkg: DxeTpm2MeasureBootLib: SECURITY PATCH 4118 - CVE 2022-36764" - "SecurityPkg: DxeTpm2MeasureBootLib: SECURITY PATCH 4118 - CVE 2022-36764"
- "SecurityPkg: DxeTpmMeasureBootLib: SECURITY PATCH 4118 - CVE 2022-36764" - "SecurityPkg: DxeTpmMeasureBootLib: SECURITY PATCH 4118 - CVE 2022-36764"
- "SecurityPkg: : Adding CVE 2022-36764 to SecurityFixes.yaml" - "SecurityPkg: : Adding CVE 2022-36764 to SecurityFixes.yaml"
- "SecurityPkg: DxeTpm2MeasureBootLib: SECURITY PATCH 4117/4118 symbol rename"
- "SecurityPkg: DxeTpmMeasureBootLib: SECURITY PATCH 4117/4118 symbol rename"
- "SecurityPkg: : Updating SecurityFixes.yaml after symbol rename"
cve: CVE-2022-36764 cve: CVE-2022-36764
date_reported: 2022-10-25 12:23 UTC date_reported: 2022-10-25 12:23 UTC
description: Heap Buffer Overflow in Tcg2MeasurePeImage() description: Heap Buffer Overflow in Tcg2MeasurePeImage()
note: note:
files_impacted: files_impacted:
- Library\DxeTpm2MeasureBootLib\DxeTpm2MeasureBootLib.c - Library\DxeTpm2MeasureBootLib\DxeTpm2MeasureBootLib.c
- Library\DxeTpmMeasureBootLib\DxeTpmMeasureBootLib.c - Library\DxeTpmMeasureBootLib\DxeTpmMeasureBootLib.c
links: links:
- https://bugzilla.tianocore.org/show_bug.cgi?id=4118 - https://bugzilla.tianocore.org/show_bug.cgi?id=4118