{% if book.draft %} ** DRAFT FOR REVIEW ** {% else %} ** {{ book.version }} ** {% endif %}
** {{ gitbook.time|date('MM/DD/YYYY hh:mm:ss') }} **
{% if book.udkrelease %} ** {{ book.udkrelease }} ** {% endif %}
This document will list briefings on each third party security issue found and give a description, a timeline on updating component, an acknowledgment that the solution is included in tagged release.
| CVE | Exposure | Recommended Stable Tags |
|---|---|---|
| CVE-2021-3449 - OpenSSL | No cryptopkg Exposure | 1.1.1j, edk2-stable202105 1.1.1n, edk2-stable202205 |
| CVE-2021-3450 - OpenSSL | No cryptopkg Exposure | 1.1.1j, edk2-stable202105 1.1.1n, edk2-stable202205 |
| CVE-2021-3711 - OpenSSL | No cryptopkg Exposure | 1.1.1j, edk2-stable202105 1.1.1n, edk2-stable202205 |
| CVE-2021-3712 - OpenSSL | No cryptopkg Exposure | 1.1.1j, edk2-stable202105 1.1.1n, edk2-stable202205 |
| CVE-2021-4160 - OpenSSL | No cryptopkg Exposure | 1.1.1j, edk2-stable202105 1.1.1n, edk2-stable202205 |
| CVE-2022-0778 - OpenSSL | No cryptopkg Exposure | 1.1.1j, edk2-stable202105 1.1.1n, edk2-stable202205 |
| CVE-2022-1292 - OpenSSL | No cryptopkg Exposure | 1.1.1j, edk2-stable202105 1.1.1n, edk2-stable202205 |
| CVE-2022-2068 - OpenSSL | No cryptopkg Exposure | 1.1.1j, edk2-stable202105 1.1.1n, edk2-stable202205 |
| CVE-2022-2097 - OpenSSL | No cryptopkg Exposure | 1.1.1j, edk2-stable202105 1.1.1n, edk2-stable202205 |
(short form)
- Security Bugs reported through: National Vulnerability Database
- The issue is evaluated for EDK2 exposure
- Determine Timeline for updating to Master
- Update third party component list updated in version tag
| Revision | Revision History | Date |
|---|---|---|
| .001.0 | Initial release. Logs 1 - 9 |
Jul 20, 2022 |