edk2-docs
Security Advisory

Updated 3 months ago

Security Advisory

Tianocore Security Advisory Briefings

Version: .004.0

Date: 01/16/2018 06:46:38

This document will list briefings on each security issue found and give a description, a recomendation on a solution, an acknowlegment that the solution is validated and references.

Revision History

Revision Revision History Date
.002.0 Initial release.
Logs 1 - 19
Jan 9, 2015
.003.0 Logs for 20-26 Nov 29, 2016
.003.1 Logs for 21-26
- Fix more for DHCP issue, feedback from Phoenix.
- Fix Smm Variable GetInfo function issue, discovered by release test.
- Fix GIT hash info, which incorrect stated before. logs 21, 22, 23, 24, 25, 26
Dec 19, 2016
.004.0 Log 27 - Update
Update Gitbook Template
Jan 11, 2018

Process

(short form)

  1. Security Bugs reported through: How to report a Security Issue
  2. The issue is evaluated
  3. Determine if a Security issue
  4. Determine Module
  5. Fix and Validate issue
  6. If Security, Update Security Advisory (This Document)

Acknowledgements

Redistribution and use in source (original document form) and 'compiled' forms (converted to PDF, epub, HTML and other formats) with or without modification, are permitted provided that the following conditions are met:

  1. Redistributions of source code (original document form) must retain the above copyright notice, this list of conditions and the following disclaimer as the first lines of this file unmodified.

  2. Redistributions in compiled form (transformed to other DTDs, converted to PDF, epub, HTML and other formats) must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution.

THIS DOCUMENTATION IS PROVIDED BY TIANOCORE PROJECT "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL TIANOCORE PROJECT BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

Copyright (c) 2017-2018, Intel Corporation. All rights reserved.