-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Wed, 02 Sep 2020 10:26:10 -0600 Source: edk2 Architecture: source Version: 2020.05-4 Distribution: unstable Urgency: medium Maintainer: Debian QEMU Team <pkg-qemu-devel@lists.alioth.debian.org> Changed-By: dann frazier <dannf@debian.org> Closes: 968819 Changes: edk2 (2020.05-4) unstable; urgency=medium . * Fix integer overflow in DxeImageVerificationHandler. (CVE-2019-14562) (Closes: #968819) - d/p/0001-SecurityPkg-DxeImageVerificationLib-extract-SecDataD.patch - d/p/0002-SecurityPkg-DxeImageVerificationLib-assign-WinCertif.patch - d/p/0003-SecurityPkg-DxeImageVerificationLib-catch-alignment-.patch * Re-enable TPM support, which was accidentally disabled due to an upstream build flag rename in 2020.05-1. LP: #1890646. Checksums-Sha1: e503480e935f2be79ac10527fc8859f9fead9839 2728 edk2_2020.05-4.dsc 23288ea4207095eb8f93cff786e6f202dca12369 32312 edk2_2020.05-4.debian.tar.xz e0f13061867f820889f4c859d1121f8021bb7f42 10036 edk2_2020.05-4_source.buildinfo Checksums-Sha256: e95ab447a7c413e93cf47c7a33d1e21222fb0b667c829c6ebafecf33b4638bbb 2728 edk2_2020.05-4.dsc 21014c4dd1af9107cc5e1f775e88a23ba677bb15bcbc87316ad09b06804aa6db 32312 edk2_2020.05-4.debian.tar.xz 31bb9be60ef0b91e5c41a401dd783c699988e9e14268d69ab97301ee1c0ddfae 10036 edk2_2020.05-4_source.buildinfo Files: 8a31a6591b606c11478d48b61e8c52c3 2728 misc optional edk2_2020.05-4.dsc f6f0c808ddc479c63d3700aa654ba408 32312 misc optional edk2_2020.05-4.debian.tar.xz 3773fa2f77cb68a4211bf76b5fb652a8 10036 misc optional edk2_2020.05-4_source.buildinfo -----BEGIN PGP SIGNATURE----- iQJEBAEBCgAvFiEECfR9vy0y7twkQ+vuG/g8XlT8hkAFAl9PypMRHGRhbm5mQGRl Ymlhbi5vcmcACgkQG/g8XlT8hkCVSQ/4xHKSADeIklXJp5uLiI4VFCm3ZbcPonWN TH1VNDumAGs6Ooo72CzlDmlAS9w5jZqNV0Qdksj7vzD4uQ7xITV04UuQGmJ11Tk0 y4ybaRHZuH7LX9jUoxSdqBG8Ki7IFHhliP2SRLaK0AtqpZUqExgEQVDdLODH3Smn 2L0mC8E0DlQuoVtLioFPRBAtmd/B0EDTOMhY+Er7koTfxaipOcHac+/g2G3z+Ylj Al6pvB0pDZmoknyeocjPuLa8hPbCnybEqPQR65SPjZvmaW2cSd4VFrDgAdubRSEg /d21yb3R4+Cj8ej+chwTYX2Ag1yv7+6/QM+9lruyW7559S/h0RoQ736DnP+/WNA3 rEVznzCkIIGshRZ41c7LxCEWweUkwMrZh9w0eyrFEwKqeLPLbWZOw6AzhCIJp5kB u025Cwc1c8AsUZiUewvYvpzUHus/NArkon4Dym7v1FZmb7NJc+GXHqVBQ+599ZpR NxZEW1haqQKQ3PWWxgKEcLCtmExD20aax0u2jOCCr3HrnKkVl/k8A4x2pyq8IpTx LTXKgWnq2MY6DNIc0oScIP+JI/bfzWaQqBobc8RCLrrcz0y+cZn/QfQJK6i/E7Su GQADuBcbF9Br50hOJ+chOKLSPfC0sTn6+r2W54cWcrIbWVwDC72kq1VP9pfS2heu m+LKmCElXA== =xRsC -----END PGP SIGNATURE-----