-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Thu, 24 Oct 2024 11:11:27 -0600 Source: edk2 Architecture: source Version: 2024.08-3 Distribution: unstable Urgency: medium Maintainer: Debian QEMU Team <pkg-qemu-devel@lists.alioth.debian.org> Changed-By: dann frazier <dannf@debian.org> Closes: 1084055 Changes: edk2 (2024.08-3) unstable; urgency=medium . * Fix overflow condition in PeCoffLoaderRelocateImage(), CVE-2024-38796: - d/p/0001-MdePkg-Fix-overflow-issue-in-BasePeCoffLib.patch - d/p/0002-MdePkg-Improving-readability-of-CVE-patch-for-PeCoff.patch (Closes: #1084055) * OpenSSL: Avoid type errors in EAI-related name check logic, CVE-2024-6119: - d/p/0001-Avoid-type-errors-in-EAI-related-name-check-logic.patch Checksums-Sha1: 9d5da25ed3ca5d00f2af1fbb8bf95f6bdec8205e 2427 edk2_2024.08-3.dsc 68cf8c6a097a7bcb52f86a48d11d14b1dcdf81ac 49372 edk2_2024.08-3.debian.tar.xz 7a68aa6e5189756f302a8f98c5f28b6d075b3ec3 11320 edk2_2024.08-3_source.buildinfo Checksums-Sha256: a5d083d1b313b9e371154bfaacf63e776f4fa76c6c366a8359c2037138903b7b 2427 edk2_2024.08-3.dsc 16e0a831c6b2e180d4b862e22ebebfab6c4bcc6f7f46e3712daf8808538d2ec1 49372 edk2_2024.08-3.debian.tar.xz 3c7f9cb332c537ccf3a5bca2313aacbccb668be3c9bed8e40fa3a5e2b69c3e4c 11320 edk2_2024.08-3_source.buildinfo Files: f0d2f559c77262d567d847aff20d6d6b 2427 misc optional edk2_2024.08-3.dsc b4ba5424d9e972acff583880acd14d4e 49372 misc optional edk2_2024.08-3.debian.tar.xz ec424c1e8c0e39b94bad02f1b5245cf9 11320 misc optional edk2_2024.08-3_source.buildinfo -----BEGIN PGP SIGNATURE----- iIcEARYKAC8WIQTAII4uHC7E3OGrB54TEoKfKLdfNAUCZxqAkxEcZGFubmZAZGVi aWFuLm9yZwAKCRATEoKfKLdfNBEiAP432p4zEYSrGEt32L3qJEh8V8kfQQYNeo56 VEPc3s5K4gD+MUE5sg+I/jih1rLb85O03EMuAgctKVHAwpcYIZTQkwQ= =H3Us -----END PGP SIGNATURE-----
