edk2 (2025.02-8) [PTS] [DDPO]

NEW: VCS has unreleased changes: 2025.02-9 > 2025.02-8

Git: https://salsa.debian.org/qemu-team/edk2.git
JSON
Enter a full Vcs-* header, supported schemes are: Vcs-Bzr, Vcs-Cvs, Vcs-Darcs, Vcs-Git, Vcs-Hg, Vcs-Mtn, Vcs-Svn.
For Vcs-Git append -b branch to select the branch name; append [subdir] if the debian/ directory is not in the repository root.
The next upload will reset the information from the source package headers.
Branch: debian/latest
Path: debian/changelog
Repo size: 22302720
Browser: https://salsa.debian.org/qemu-team/edk2
Last scan: 2025-06-23 11:22:06+00
Next scan: 2025-06-30 12:21:00+00
Merge requests: 7

Debian changelog in Git:

edk2 (2025.02-9) UNRELEASED; urgency=medium

  * Cherry-pick openssl fix for timing side-channel in ECDSA signature
    computation, CVE-2024-13176.
    - d/p/0001-Fix-timing-side-channel-in-ECDSA-signature-computati.patch
  * Fix out-of-bounds memory access in NetworkPkg/IScsiDxe, CVE-2024-38805.
    - d/p/0001-NetworkPkg-IScsiDxe-Fix-for-out-of-bound-memory-acce.patch

 -- dann frazier <[email protected]>  Thu, 15 May 2025 12:29:07 -0600

This branch is 2 commits ahead of tag debian/2025.02-8

Git log:

commit 0f31a058150e16d9f51d0fb1d5a9b7773d635612
Author: dann frazier <[email protected]>
Date:   Thu May 15 12:36:38 2025 -0600

    Fix out-of-bounds memory access in NetworkPkg/IScsiDxe, CVE-2024-38805.
    
    * Fix out-of-bounds memory access in NetworkPkg/IScsiDxe, CVE-2024-38805.
      - d/p/0001-NetworkPkg-IScsiDxe-Fix-for-out-of-bound-memory-acce.patch

commit 3ca405c30eb9a9b4499221cbbec49d066c80db0c
Author: dann frazier <[email protected]>
Date:   Thu May 15 12:32:11 2025 -0600

    Cherry-pick openssl fix for timing side-channel in ECDSA signature computation, CVE-2024-13176.
    
    * Cherry-pick openssl fix for timing side-channel in ECDSA signature
      computation, CVE-2024-13176.
      - d/p/0001-Fix-timing-side-channel-in-ECDSA-signature-computati.patch