edk2.git - Cross-platform firmware development environment

diff options

author	Wu, Jiaxin <jiaxin.wu@intel.com>	2019-09-27 11:44:38 +0800
committer	Laszlo Ersek <lersek@redhat.com>	2019-11-02 12:07:11 +0100
commit	31efec82796cb950e99d1622aa9c0eb8380613a0 (patch)
tree	7f8fbafa16df62f2c8d5f6016d8468212665df28 /CryptoPkg/Include
parent	b15646484eaffcf7cc464fdea0214498f26addc2 (diff)
download	edk2-31efec82796cb950e99d1622aa9c0eb8380613a0.tar.gz edk2-31efec82796cb950e99d1622aa9c0eb8380613a0.tar.bz2 edk2-31efec82796cb950e99d1622aa9c0eb8380613a0.zip

MdePkg/Include/Protocol/Tls.h: Add the data type of EfiTlsVerifyHost (CVE-2019-14553)

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=960 CVE: CVE-2019-14553 In the patch, we add the new data type named "EfiTlsVerifyHost" and the EFI_TLS_VERIFY_HOST_FLAG for the TLS protocol consumer (HTTP) to enable the host name check so as to avoid the potential Man-In-The-Middle attack. Signed-off-by: Wu Jiaxin <jiaxin.wu@intel.com> Reviewed-by: Ye Ting <ting.ye@intel.com> Reviewed-by: Long Qin <qin.long@intel.com> Reviewed-by: Fu Siyuan <siyuan.fu@intel.com> Acked-by: Laszlo Ersek <lersek@redhat.com> Message-Id: <20190927034441.3096-2-Jiaxin.wu@intel.com> Cc: David Woodhouse <dwmw2@infradead.org> Cc: Jian J Wang <jian.j.wang@intel.com> Cc: Jiaxin Wu <jiaxin.wu@intel.com> Cc: Sivaraman Nainar <sivaramann@amiindia.co.in> Cc: Xiaoyu Lu <xiaoyux.lu@intel.com> Signed-off-by: Laszlo Ersek <lersek@redhat.com> Reviewed-by: Liming Gao <liming.gao@intel.com>

Diffstat (limited to 'CryptoPkg/Include')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: