Hello community, here is the log from the commit of package ovmf for openSUSE:Factory checked in at 2020-09-09 17:48:21 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/ovmf (Old) and /work/SRC/openSUSE:Factory/.ovmf.new.3399 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "ovmf" Wed Sep 9 17:48:21 2020 rev:51 rq:832683 version:202008 Changes: -------- --- /work/SRC/openSUSE:Factory/ovmf/ovmf.changes 2020-07-26 16:16:40.496660258 +0200 +++ /work/SRC/openSUSE:Factory/.ovmf.new.3399/ovmf.changes 2020-09-09 17:49:39.154558706 +0200 @@ -1,0 +2,81 @@ +Mon Sep 7 03:55:46 UTC 2020 - Gary Ching-Pang Lin <g...@suse.com> + +- Update to edk2-stable202008 + + MdeModulePkg/Library: add PEIM and SEC module type to + TpmMeasurementLibNull + + SecurityPkg/DxeImageVerificationLib: catch alignment overflow + (CVE-2019-14562) (bsc#1175476) + + OvmfPkg/CpuHotplugSmm: fix CPU hotplug race before and after + SMI broadcast + + SecurityPkg/Tcg2: handle PRE HASH and LOG ONLY + + MdePkg/Include: Add missing definition of SMBIOS type 42h in + SmBios.h + + MdePkg: UefiFileHandleLib: fix buffer overrun in + FileHandleReadLine() + + OvmfPkg: Add SEV-ES support + + MdeModulePkg/PartitionDxe: Fix the incorrect LBA size in child + hander + + MdeModulePkg/PartitionDxe: Revert changes for the special MBR + + MdeModulePkg/PartitionDxe: Put the UDF check ahead of MBR + + ShellPkg: smbiosview - Change some type 17 field values format + + CryptoPkg/OpensslLib: Upgrade OpenSSL to 1.1.1g + + MdeModulePkg: Upon BootOption failure, Destroy RamDisk memory + before RSC. + + OvmfPkg/LsiScsiDxe: Add support for LSI 53C895A + + MdeModulePkg/DisplayEngine: Add Debug message to show mismatch + menu info + + Add New Memory Attributes + + MdeModulePkg/PartitionDxe: Add already start check for child + hanldes + + MdeModulePkg/PartitionDxe: Skip the MBR that add for CD-ROM + + MdeModulePkg/PartitionDxe: Correct the MBR last block value + + MdeModulePkg/Variable/RuntimeDxe: Fix return status from + Reclaim() + + SecurityPkg/Tcg2Pei: Add missing PCRIndex in FvBlob event. + + SecurityPkg/Tcg2Dxe: Add PcdTcgPfpMeasurementRevision in + SpecId event. + + CryptoPkg/BaseCryptLib: Add MARCO to disable the deprecated + SHA1 and MD5 + + ArmVirtPkg/NorFlashQemuLib: disable NOR flash DT nodes upon + discovery + + UefiCpuPkg/SecCore: Add pre-memory AP vector + + OvmfPkg: End timer interrupt later to avoid stack overflow + under load + + ArmPkg/PlatformBootManagerLib: regenerate boot options on + boot failure + + MdeModulePkg/StatusCodeHandler: do not output \n\r for string + data + + Revert "OvmfPkg: use generic QEMU image loader for secure boot + enabled ..." + + ArmVirtPkg/PrePi: use standard PeCoff routines for + self-relocation + + ArmVirtPkg: add FDF rule for self-relocating PrePi + + ArmPkg/ArmExceptionLib: use static buffer for sp_el0 + + MdeModulePkg/SetupBrowserDxe: Do not reconnect driver with + form-update + + OvmfPkg/X86QemuLoadImageLib: handle EFI_ACCESS_DENIED from + LoadImage() + + OvmfPkg/Tcg2ConfigPei: generalize TPM2-only file-top comments + + ArmPkg: only attempt buildin MmCommunicationDxe for AArch64 + + ArmPkg/PlatformBootManagerLib: don't connect all devices on + each boot + + ArmPkg/PlatformBootManagerLib: hide UEFI Shell as a regular + boot option + + MdeModulePkg/BootManagerUiLib: show inactive boot options + + ArmPkg/PlatformBootManagerLib: fall back to the UiApp on + boot failure + + ArmPkg/PlatformBootManagerLib: register 's' as UEFI Shell + hotkey + + ArmPkg/PlatformBootManagerLib: connect non-discoverable USB + hosts + + ArmPkg/ArmSvcLib: prevent speculative execution beyond svc + + ArmPkg/PlatformBootManagerLib: reject 'default' parity and + stop bit count + + ArmPkg/PlatformBootManagerLib: use static assertion for + console type +- Update openssl to 1.1.1g +- Drop openssl-fix-syntax-error.patch + + The new openssl already includes the fix. +- Refresh ovmf-pie.patch and ovmf-disable-ia32-firmware-piepic.patch + +------------------------------------------------------------------- Old: ---- edk2-stable202005.tar.gz openssl-1.1.1d.tar.gz openssl-1.1.1d.tar.gz.asc openssl-fix-syntax-error.patch New: ---- edk2-stable202008.tar.gz openssl-1.1.1g.tar.gz openssl-1.1.1g.tar.gz.asc ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ ovmf.spec ++++++ --- /var/tmp/diff_new_pack.CRcuNM/_old 2020-09-09 17:49:42.034561046 +0200 +++ /var/tmp/diff_new_pack.CRcuNM/_new 2020-09-09 17:49:42.038561050 +0200 @@ -18,7 +18,7 @@ %undefine _build_create_debug -%global openssl_version 1.1.1d +%global openssl_version 1.1.1g %global softfloat_version b64af41c3276f Name: ovmf @@ -26,7 +26,7 @@ Summary: Open Virtual Machine Firmware License: BSD-2-Clause-Patent Group: System/Emulators/PC -Version: 202005 +Version: 202008 Release: 0 Source0: https://github.com/tianocore/edk2/archive/edk2-stable%{version}.tar.gz Source1: https://www.openssl.org/source/openssl-%{openssl_version}.tar.gz @@ -52,7 +52,6 @@ Patch3: %{name}-pie.patch Patch4: %{name}-disable-ia32-firmware-piepic.patch Patch5: %{name}-set-fixed-enroll-time.patch -Patch100: openssl-fix-syntax-error.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildRequires: bc BuildRequires: cross-arm-binutils @@ -174,7 +173,6 @@ # add openssl pushd CryptoPkg/Library/OpensslLib/openssl tar -xf %{SOURCE1} --strip 1 -%patch100 -p1 popd # add berkeley-softfloat-3 ++++++ edk2-stable202005.tar.gz -> edk2-stable202008.tar.gz ++++++ /work/SRC/openSUSE:Factory/ovmf/edk2-stable202005.tar.gz /work/SRC/openSUSE:Factory/.ovmf.new.3399/edk2-stable202008.tar.gz differ: char 13, line 1 ++++++ ovmf-disable-ia32-firmware-piepic.patch ++++++ --- /var/tmp/diff_new_pack.CRcuNM/_old 2020-09-09 17:49:42.170561157 +0200 +++ /var/tmp/diff_new_pack.CRcuNM/_new 2020-09-09 17:49:42.174561160 +0200 @@ -1,10 +1,10 @@ -Index: edk2-edk2-stable201905/BaseTools/Conf/tools_def.template +Index: edk2-edk2-stable202008/BaseTools/Conf/tools_def.template =================================================================== ---- edk2-edk2-stable201905.orig/BaseTools/Conf/tools_def.template -+++ edk2-edk2-stable201905/BaseTools/Conf/tools_def.template -@@ -1738,7 +1738,7 @@ DEFINE GCC_AARCH64_RC_FLAGS = -I +--- edk2-edk2-stable202008.orig/BaseTools/Conf/tools_def.template ++++ edk2-edk2-stable202008/BaseTools/Conf/tools_def.template +@@ -1954,7 +1954,7 @@ DEFINE GCC_DEPS_FLAGS = -MM - DEFINE GCC48_ALL_CC_FLAGS = -g -fshort-wchar -fno-builtin -fno-strict-aliasing -Wall -Werror -Wno-array-bounds -ffunction-sections -fdata-sections -include AutoGen.h -fno-common -DSTRING_ARRAY_NAME=$(BASE_NAME)Strings + DEFINE GCC48_ALL_CC_FLAGS = DEF(GCC_ALL_CC_FLAGS) -ffunction-sections -fdata-sections -DSTRING_ARRAY_NAME=$(BASE_NAME)Strings DEFINE GCC48_IA32_X64_DLINK_COMMON = -nostdlib -Wl,-n,-q,--gc-sections -z common-page-size=0x20 -DEFINE GCC48_IA32_CC_FLAGS = DEF(GCC48_ALL_CC_FLAGS) -m32 -march=i586 -malign-double -fno-stack-protector -D EFI32 -fno-asynchronous-unwind-tables -Wno-address +DEFINE GCC48_IA32_CC_FLAGS = DEF(GCC48_ALL_CC_FLAGS) -m32 -march=i586 -malign-double -fno-stack-protector -D EFI32 -fno-asynchronous-unwind-tables -Wno-address -fno-pic -fno-pie ++++++ ovmf-pie.patch ++++++ --- /var/tmp/diff_new_pack.CRcuNM/_old 2020-09-09 17:49:42.186561170 +0200 +++ /var/tmp/diff_new_pack.CRcuNM/_new 2020-09-09 17:49:42.186561170 +0200 @@ -1,13 +1,13 @@ -Index: edk2-edk2-stable201905/BaseTools/Source/C/Makefiles/header.makefile +Index: edk2-edk2-stable202008/BaseTools/Source/C/Makefiles/header.makefile =================================================================== ---- edk2-edk2-stable201905.orig/BaseTools/Source/C/Makefiles/header.makefile -+++ edk2-edk2-stable201905/BaseTools/Source/C/Makefiles/header.makefile -@@ -75,7 +75,7 @@ else +--- edk2-edk2-stable202008.orig/BaseTools/Source/C/Makefiles/header.makefile ++++ edk2-edk2-stable202008/BaseTools/Source/C/Makefiles/header.makefile +@@ -88,7 +88,7 @@ else BUILD_CFLAGS = -MD -fshort-wchar -fno-strict-aliasing -fwrapv \ -fno-delete-null-pointer-checks -Wall -Werror \ -Wno-deprecated-declarations -Wno-stringop-truncation -Wno-restrict \ --Wno-unused-result -nostdlib -g +-Wno-unused-result -nostdlib -g -fPIE endif - BUILD_LFLAGS = - BUILD_CXXFLAGS = -Wno-unused-result + endif + ifeq ($(CXX), llvm)