Back to edk2 PTS page

Accepted edk2 2023.11-7 (source) into unstable

To: debian-devel-changes@lists.debian.org
Subject: Accepted edk2 2023.11-7 (source) into unstable
From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
Date: Wed, 14 Feb 2024 15:06:30 +0000
Debian: DAK
Debian-architecture: source
Debian-archive-action: accept
Debian-changes: edk2_2023.11-7_source.changes
Debian-source: edk2
Debian-suite: unstable
Debian-version: 2023.11-7
Dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=ftp-master.debian.org; s=smtpauto.fasolo; h=Date:Message-Id:Content-Type: Subject:MIME-Version:To:Reply-To:From:Cc:Content-Transfer-Encoding:Content-ID :Content-Description:In-Reply-To:References; bh=s5N54sdfyjKfuWBNmzpj1avWOPx9dhH67rraV6s0Hxw=; b=mXgNLIs61vRcuA5fACFPorcjMT DMtgJWRhtuKI0GSDOkaSuQvSoXJI7OK3FdeDUNaAFZrKU9ozvVRhgQdwDmW0hEzSBEpNn/SOm6sPu 9tuLjD7IRjXxqoIMks/LQQIYorSWrPfW/By3HvxWzNJJVgcZ/nwJ8/gcAl1mGDsQMPrQ+h3IY5fU3 Fu6mQryNV0Fj8Vm4sAAR6aipXOnuGl2QO3fPfx1k6uQNlntyMeT5R/MQ7bFhMcg6akmEpwG5RJazK KBWhXLkyLaralsL5lnvkWuhHncsTm/MA/RfyVU0m+kIH/a3ts71PRUSLNKS+nwWMs/phqDH257ZNM VN8sm7aQ==;
Mail-followup-to: debian-devel@lists.debian.org
Message-id: <E1raGqE-005KKr-ET@fasolo.debian.org>
Reply-to: debian-devel@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Wed, 14 Feb 2024 07:35:13 -0700
Source: edk2
Architecture: source
Version: 2023.11-7
Distribution: unstable
Urgency: medium
Maintainer: Debian QEMU Team <pkg-qemu-devel@lists.alioth.debian.org>
Changed-By: dann frazier <dannf@debian.org>
Closes: 1023491
Changes:
 edk2 (2023.11-7) unstable; urgency=medium
 .
   * ovmf, qemu-efi-*: Stop building Secure Boot code into non-secboot
     images so they can include a built-in shell which is unsafe in
     Secure Boot mode.
   * ovmf-ia32: Add non-secboot image. Thanks to Lionel Debroux.
     (Closes: #1023491).
   * debian/tests/shell.py: Add tests for ovmf-ia32 non-secboot image.
   * qemu-efi-aarch64: Add non-secboot variant. AAVMF_CODE.fd is the
     secboot variant, so name it AAVMF_CODE.no-secboot.fd.
   * qemu-efi-aarch64: Rename the secboot variant, AAVMF_CODE.fd,
     to AAVMF_CODE.secboot.fd and add a compat symlink.
   * ovmf, ovmf-ia32, qemu-efi-aarch64: Stop including a built-in shell
     in secboot variants, CVE-2023-48733. Thanks to Mate Kukri.
     LP: #2040137.
     - d/tests: Drop the boot-to-shell tests for images w/ Secure Boot.
     - d/tests: Update run_cmd_check_secure_boot() to not expect shell
       interaction.
Checksums-Sha1:
 a810f66c304dd9e35b04b122eb8ec6b32f4bc2e0 3053 edk2_2023.11-7.dsc
 eba6d0bd0ac681707670c4a6c8e2f44482e05d0a 79788 edk2_2023.11-7.debian.tar.xz
 028077bd5aa9b2dafbee5b94459681635ce3feed 12018 edk2_2023.11-7_source.buildinfo
Checksums-Sha256:
 86e4d80f382b0e9a7ce11636a379dc8d4844828b5b931dac2295a1969b43c9fb 3053 edk2_2023.11-7.dsc
 b91506d057612f3ef66e22da087cfa56d0a51aa6a2efc07e04be40999ef61845 79788 edk2_2023.11-7.debian.tar.xz
 b4e32648af5261a923877b94f69b28ecff5459d40f775f9aa1fe93ed4ceebcc8 12018 edk2_2023.11-7_source.buildinfo
Files:
 a941b895c6af24dec3b684df59972343 3053 misc optional edk2_2023.11-7.dsc
 c82e713443e1a3c4eca49a89141a2da8 79788 misc optional edk2_2023.11-7.debian.tar.xz
 c5c43c71232912a6ad1bf43b4376a56e 12018 misc optional edk2_2023.11-7_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQJFBAEBCgAvFiEECfR9vy0y7twkQ+vuG/g8XlT8hkAFAmXM0ikRHGRhbm5mQGRl
Ymlhbi5vcmcACgkQG/g8XlT8hkAUaQ//S7APF8nqZVv8Q5C1KZwIrO8Xq3KP893l
7NjymqJZ6euIdKaXha0a16GST49MkRPnR3WFg2z1JgRf44qBGYz7MS3+D9ZxAGtX
tG1QJrkk9CNbcdxvGTXneCvAU+qI7bXFqhJellQK2OFKB4Hu+SJqCeI7Hd8oyzxo
pnc98SoooEdEc4Wyi8WrwQ7IyxdG9Y/KbDNVRoaohM292pFEAv61fXAi87B788VS
Xfb/NbFrXZaKs/j3wsKs8tNLlncBtGNAXgPqfZlMCvpwQTY0VW+wOUniYm+BGdKI
FLKstD5O4dtBpXpz2rlaSVZ4MY65CPJKNxm8k7T6q+frQWPCTr1wkgYdok7jHfDU
ExPk4oJp4R35M/4HVy5mSrLVRsjPQ2w5xQu4yBp2oBXMPu5Tb29Gs9ITwBitLnP/
IUhWVZeM2WBpIm0pKVvbbPNGQN/u5h/OjmkrpU+sXsYvDbiSt7qd25ceoRPTQpAT
1lr+CBqOT6ixqJHw0w0AF7twwElp9Q6xVIcgQjBVD4spbx5LIwhk2OknQcTwJa8Y
jma1Wp2uN++eDccWUgzcik1NGI87Z0sHvCpH0uiZPH13S9Fv2QEggvLLxEnR5b07
sRkW8WkLWevm7k3hsQZixueEr7OCVbDCv+rnmC3Xhv7KDHa3InBD7esg3ND/pKt9
dVjUtFxr41U=
=nAT+
-----END PGP SIGNATURE-----

Attachment: pgpkfZK9VjoN7.pgp
Description: PGP signature