[ubuntu/focal-security] edk2 0~20191122.bd85bf54-2ubuntu3.5 (Accepted)
Mark Esler
mark.esler at canonical.com
Wed Feb 14 21:39:23 UTC 2024
edk2 (0~20191122.bd85bf54-2ubuntu3.5) focal; urgency=medium
* Disable the built-in Shell when SecureBoot is enabled, CVE-2023-48733.
Thanks to Mate Kukri. LP: #2040137.
- Backport support for GetSetupMode() and IsSecureBootEnabled():
+ 0001-SecurityPkg-Create-SecureBootVariableLib.patch
+ 0002-ArmVirtPkg-add-SecureBootVariableLib-class-resolutio.patch
+ 0003-OvmfPkg-add-SecureBootVariableLib-class-resolution.patch
+ 0004-SecurityPkg-SecureBootVariableLib-Added-newly-suppor.patch
+ 0005-EmulatorPkg-add-SecureBootVariableLib-class-resoluti.patch
- Disable the built-in Shell when SecureBoot is enabled:
+ Disable-the-Shell-when-SecureBoot-is-enabled.patch
edk2 (0~20191122.bd85bf54-2ubuntu3.4) focal; urgency=medium
[ dann frazier ]
* Provide 4MB OVMF images: The existing 2MB images no longer
have sufficient variable space for the current Secure Boot
Forbidden Signature Database. (LP: #1885662)
- Convert targets for pre-enrolled variable template images
into pattern rules. This will be useful for adding additional
pre-enrolled variable templates.
- Update fw descriptors to reference 4M images instead of their
2M counterparts. This will migrate tools that use the descriptor
interface (like libvirt) over to the 4M images when creating new
VMs. Existing 2M VMs will require manual migration.
* Increase autopkgtest timeout from 30s to 60s. (LP: #1885186)
[ Mustafa Kemal Gilor ]
* Added autopkg tests for 4MB OVMF images. (LP: #1885662)
Date: 2024-02-14 01:05:10.390518+00:00
Changed-By: dann frazier <dann.frazier at canonical.com>
Signed-By: Mark Esler <mark.esler at canonical.com>
https://launchpad.net/ubuntu/+source/edk2/0~20191122.bd85bf54-2ubuntu3.5
-------------- next part --------------
Sorry, changesfile not available.
More information about the Focal-changes
mailing list