Hello
The infosec team in Tianocore request feedback on the proposed process for
handling security issues described in
https://github.com/tianocore/tianocore.github.io/wiki/GHSA-GitHub-Security-Advisories-Proceess-(Draft)
We'd like to make this active after the May stable so feedback by April
I agree. These additions make sense. Perhaps you can format the submission per
https://github.com/tianocore/tianocore.github.io/wiki/EDK-II-Code-First-Process
in order to have this included in a future UEFI PI specification
https://uefi.org/specs/PI/1.8/V3_Status_Codes.html. I can help you w/
post PI1.8 document, too.
Vincent
From: Pawel Polawski
Sent: Tuesday, March 7, 2023 4:43 AM
To: devel@edk2.groups.io; thomas.lenda...@amd.com; Ni, Ray ;
Kinney, Michael D ; Zimmer, Vincent
; Kirkendall, Garrett
Cc: Gao, Liming ; Liu, Zhiguang
Subject: Re: [edk2-devel] PATCH v1 1/1 MdePkg
rs IMHO
Vincent
-Original Message-
From: Clark-williams, Zachary
Sent: Tuesday, November 1, 2022 10:35 AM
To: Zimmer, Vincent ; Rabeda, Maciej
; Luo, Heng ; Kuo, Scottie
; Kuo, Ted ; Dutkiewicz, Michal
; devel@edk2.groups.io; Wu, Jiaxin
; Otcheretianski, Andrei
Cc: Alappat, Paul ; K
ead to the patches being
rejected.
Vincent
-Original Message-
From: disc...@edk2.groups.io On Behalf Of Marvin Häuser
Sent: Friday, April 15, 2022 6:40 AM
To: disc...@edk2.groups.io; Zimmer, Vincent ; Ada
Christine ; edk2-devel-groups-io
; Desimone, Nathaniel L ;
Mike Wolan ; Kinney, Mic
Fyi
There is a running list of some edk2 defense-in-depth work at
https://github.com/jyao1/SecurityEx/blob/master/Summary.md, too, including
ASLR, if you haven't already seen that material
-Original Message-
From: disc...@edk2.groups.io On Behalf Of Marvin Häuser
Sent: Friday, April 15,
Sounds like we need to open a UEFI Forum Mantis under the PIWG in order to
propagate this clean-up into the next PI specification based upon
https://github.com/tianocore/edk2-staging/tree/BZ3794-expand_status_codes. I
can take care of that next step along w/ queuing up other topics for an
upco