Accepted edk2 2023.11-6 (source) into unstable



Format: 1.8
Date: Sat, 10 Feb 2024 14:02:37 -0700
Source: edk2
Architecture: source
Version: 2023.11-6
Distribution: unstable
Urgency: medium
Maintainer: Debian QEMU Team <pkg-qemu-devel@lists.alioth.debian.org>
Changed-By: dann frazier <dannf@debian.org>
Changes:
 edk2 (2023.11-6) unstable; urgency=medium
 .
   * Cherry-pick security fixes from upstream:
     - Fix a buffer overflow via a long server ID option in DHCPv6
       client, CVE-2023-45230:
       + 0001-NetworkPkg-Dhcp6Dxe-SECURITY-PATCH-CVE-2023-45230-Pa.patch
       + 0002-NetworkPkg-Add-Unit-tests-to-CI-and-create-Host-Test.patch
       + 0003-NetworkPkg-Dhcp6Dxe-SECURITY-PATCH-CVE-2023-45230-Un.patch
     - Fix an out-of-bounds read vulnerability when processing the IA_NA
       or IA_TA option in a DHCPv6 Advertise message, CVE-2023-45229:
       + 0004-NetworkPkg-Dhcp6Dxe-SECURITY-PATCH-CVE-2023-45229-Pa.patch
       + 0005-NetworkPkg-Dhcp6Dxe-SECURITY-PATCH-CVE-2023-45229-Un.patch
     - Fix an out-of-bounds read when processing Neighbor Discovery
       Redirect messages, CVE-2023-45231:
       + 0006-NetworkPkg-Ip6Dxe-SECURITY-PATCH-CVE-2023-45231-Patc.patch
       + 0007-NetworkPkg-Ip6Dxe-SECURITY-PATCH-CVE-2023-45231-Unit.patch
     - Avoid an infinite loop when parsing unknown options in the
       Destination Options header of IPv6, CVE-2023-45232:
       + 0008-NetworkPkg-Ip6Dxe-SECURITY-PATCH-CVE-2023-45232-Patc.patch
       + 0009-NetworkPkg-Ip6Dxe-SECURITY-PATCH-CVE-2023-45232-Unit.patch
     - Avoid an infinite loop when parsing a PadN option in the
       Destination Options header of IPv6, CVE-2023-45233:
       + 0010-NetworkPkg-UefiPxeBcDxe-SECURITY-PATCH-CVE-2023-4523.patch
       + 0011-NetworkPkg-UefiPxeBcDxe-SECURITY-PATCH-CVE-2023-4523.patch
     - Fix a potential buffer overflow when processing a DNS Servers
       option from a DHCPv6 Advertise message, CVE-2023-45234:
       + 0013-NetworkPkg-UefiPxeBcDxe-SECURITY-PATCH-CVE-2023-4523.patch
     - Fix a potential buffer overflow when handling a Server ID option
       from a DHCPv6 proxy Advertise message, CVE-2023-45235:
       + 0012-MdePkg-Test-Add-gRT_GetTime-Google-Test-Mock.patch
       + 0014-NetworkPkg-UefiPxeBcDxe-SECURITY-PATCH-CVE-2023-4523.patch
     - Record fixes in a SecurityFix.yaml file:
       + 0015-NetworkPkg-Adds-a-SecurityFix.yaml-file.patch