diff options
author | Wu, Jiaxin <jiaxin.wu@intel.com> | 2019-09-27 11:44:38 +0800 |
---|---|---|
committer | Laszlo Ersek <lersek@redhat.com> | 2019-11-02 12:07:11 +0100 |
commit | 31efec82796cb950e99d1622aa9c0eb8380613a0 (patch) | |
tree | 7f8fbafa16df62f2c8d5f6016d8468212665df28 /CryptoPkg/Include | |
parent | b15646484eaffcf7cc464fdea0214498f26addc2 (diff) | |
download | edk2-31efec82796cb950e99d1622aa9c0eb8380613a0.tar.gz edk2-31efec82796cb950e99d1622aa9c0eb8380613a0.tar.bz2 edk2-31efec82796cb950e99d1622aa9c0eb8380613a0.zip |
MdePkg/Include/Protocol/Tls.h: Add the data type of EfiTlsVerifyHost (CVE-2019-14553)
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=960
CVE: CVE-2019-14553
In the patch, we add the new data type named "EfiTlsVerifyHost" and
the EFI_TLS_VERIFY_HOST_FLAG for the TLS protocol consumer (HTTP)
to enable the host name check so as to avoid the potential
Man-In-The-Middle attack.
Signed-off-by: Wu Jiaxin <jiaxin.wu@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
Reviewed-by: Long Qin <qin.long@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
Acked-by: Laszlo Ersek <lersek@redhat.com>
Message-Id: <20190927034441.3096-2-Jiaxin.wu@intel.com>
Cc: David Woodhouse <dwmw2@infradead.org>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Jiaxin Wu <jiaxin.wu@intel.com>
Cc: Sivaraman Nainar <sivaramann@amiindia.co.in>
Cc: Xiaoyu Lu <xiaoyux.lu@intel.com>
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
Diffstat (limited to 'CryptoPkg/Include')
0 files changed, 0 insertions, 0 deletions