edk2-aarch64-20241117-5.el9 RPM for noarch

From CentOS Stream 9 AppStream for aarch64

AAVMF (ARM Architecture Virtual Machine Firmware) is an EFI Development Kit II
platform that enables UEFI support for QEMU/KVM ARM Virtual Machines. This
package contains a 64-bit build.

Provides

• edk2-aarch64
• AAVMF
• bundled(openssl)

Requires

• rpmlib(CompressedFileNames) <= 3.0.4-1
• rpmlib(FileDigests) <= 4.6.0-1
• rpmlib(PayloadFilesHavePrefix) <= 4.0-1
• rpmlib(PayloadIsZstd) <= 5.4.18-1

License

BSD-2-Clause-Patent and Apache-2.0

Changelog

* Mon Oct 20 2025 Jon Maloy <jmaloy@redhat.com> - 20241117-5
  - edk2-MdePkg-Acpi66.h-Add-ACPI-6.6-header.patch [RHEL-109010]
  - edk2-OvmfPkg-WorkArea.h-Add-MAILBOX_GDT.patch [RHEL-109010]
  - edk2-OvmfPkg-Add-the-Test-command-in-TDX-MailBox.patch [RHEL-109010]
  - edk2-OvmfPkg-Add-the-ResetVector-in-TDX-MailBox.patch [RHEL-109010]
  - edk2-OvmfPkg-TdxDxe-Support-5-level-paging-for-ResetVecto.patch [RHEL-109010]
  - edk2-OvmfPkg-IoMmuDxe-Fix-1M-and-2M-buffer-handling.patch [RHEL-69780]
  - Resolves: RHEL-109010
    (TD guest dmesg reports ACPI BIOS Warning (bug): Incorrect checksum in table [APIC] - 0x29)
  - Resolves: RHEL-69780
    (Fail to create AMD SEV SLES 15 SP4 guest via virt-install --cdrom [rhel-9.8])
* Fri Jul 04 2025 Miroslav Rezanina <mrezanin@redhat.com> - 20241117-4
  - edk2-update-dbx-to-20250610.patch [RHEL-96869]
  - Resolves: RHEL-96869
    ([edk2,rhel-9] dbx update 20250610)
* Wed Mar 19 2025 Jon Maloy <jmaloy@redhat.com> - 20241117-3
  - edk2-OvmfPkg-Use-the-OvmfPkg-version-of-CcProbeLib.patch [RHEL-70865]
  - edk2-Update-dbx-revocation-list-to-2025-02-24-version.patch [RHEL-83019]
  - Resolves: RHEL-70865
    (SNP guest failed to boot with SVSM using OVMF.amdsev.fd [rhel-9.7])
  - Resolves: RHEL-83019
    (The newer revocation file and Server 2025 required to update it [rhel-9])
* Mon Jan 20 2025 Miroslav Rezanina <mrezanin@redhat.com> - 20241117-2
  - edk2-Fix-amd-sev-firmware-file-for-amd-snp.patch [RHEL-72447]
  - Resolves: RHEL-72447
    ( QEMU should creating new json file that will correctly describe firmware for amd-sev-snp [rhel-9])
* Mon Dec 09 2024 Miroslav Rezanina <mrezanin@redhat.com> - 20241117-1
  - Update to edk2-stable202411
  - Resolves: RHEL-58063
   ([edk2,rhel-9] rebase to edk2-stable202411)
* Fri Nov 22 2024 Jon Maloy <jmaloy@redhat.com> - 20240524-10
  - edk2-OvmfPkg-Rerun-dispatcher-after-initializing-virtio-r.patch [RHEL-58631]
  - Resolves: RHEL-58631
    ([Regression] HTTP Boot fails to work with edk2-ovmf-20231122-6.el9_4.2 and greater)
* Mon Nov 11 2024 Miroslav Rezanina <mrezanin@redhat.com> - 20240524-9
  - edk2-OvmfPkg-ArmVirtPkg-Add-a-Fallback-RNG-RH-only.patch [RHEL-66230]
  - Resolves: RHEL-66230
    ([Regression] [aarch64] HTTP Boot not working on old vCPU without virtio-rng device present [rhel-9.6])
* Wed Nov 06 2024 Miroslav Rezanina <mrezanin@redhat.com> - 20240524-8
  - edk2-OvmfPkg-Add-a-Fallback-RNG-RH-only.patch [RHEL-65725]
  - Resolves: RHEL-65725
    ([Regression] HTTP Boot not working on old vCPU without virtio-rng device present [rhel-9.6])
* Tue Oct 08 2024 Miroslav Rezanina <mrezanin@redhat.com> - 20240524-7
  - edk2-OvmfPkg-VirtioGpuDxe-ignore-display-resolutions-smal.patch [RHEL-56248]
  - edk2-OvmfPkg-QemuVideoDxe-ignore-display-resolutions-smal.patch [RHEL-56248]
  - edk2-MdePkg-Fix-overflow-issue-in-BasePeCoffLib.patch [RHEL-60833]
  - Resolves: RHEL-56248
    (507x510 display resolution should not crash the firmware [edk2,rhel-9.6])
  - Resolves: RHEL-60833
    (CVE-2024-38796 edk2: Integer overflows in PeCoffLoaderRelocateImage [rhel-9.6])
* Fri Sep 13 2024 Miroslav Rezanina <mrezanin@redhat.com> - 20240524-6
  - edk2-OvmfPkg-CpuHotplugSmm-delay-SMM-exit.patch [RHEL-56974]
  - edk2-Bumped-openssl-submodule-version-to-0205b5898872.patch [RHEL-55336]
  - Resolves: RHEL-56974
    (qemu-kvm: warning: Blocked re-entrant IO on MemoryRegion: acpi-cpu-hotplug at addr: 0x0 [rhel-9])
  - Resolves: RHEL-55336
    (CVE-2024-6119 edk2/openssl: Possible denial of service in X.509 name checks [rhel-9.5])
* Mon Sep 09 2024 Miroslav Rezanina <mrezanin@redhat.com> - 20240524-5
  - edk2-UefiCpuPkg-PiSmmCpuDxeSmm-skip-PatchInstructionX86-c.patch [RHEL-45847]
  - Resolves: RHEL-45847
    ([RHEL9.5] Hotplug vcpu to a guest cause guest kernel panic)
* Mon Sep 02 2024 Miroslav Rezanina <mrezanin@redhat.com> - 20240524-4
  - edk2-AmdSevDxe-Fix-the-shim-fallback-reboot-workaround-fo.patch [RHEL-56081]
  - Resolves: RHEL-56081
    ([EDK2] Shim fallback reboot workaround might not work on SNP)
* Tue Aug 20 2024 Miroslav Rezanina <mrezanin@redhat.com> - 20240524-3
  - edk2-NetworkPkg-DxeNetLib-adjust-PseudoRandom-error-loggi.patch [RHEL-45899]
  - edk2-NetworkPkg-DxeNetLib-Reword-PseudoRandom-error-loggi.patch [RHEL-45899]
  - Resolves: RHEL-45899
    ([RHEL-9.5.0] edk2 hit Failed to generate random data)
* Thu Jul 25 2024 Miroslav Rezanina <mrezanin@redhat.com> - 20240524-2
  - edk2-MdeModulePkg-Warn-if-out-of-flash-space-when-writing.patch [RHEL-43442]
  - Resolves: RHEL-43442
    (edk2 disconnects abnormally before loading the kernel)
* Thu Jun 20 2024 Miroslav Rezanina <mrezanin@redhat.com> - 20240524-1
  - Rebase to edk2-stable202405
  - Bumo openssl to 8e5beb77088b
  - Resolves: RHEL-32486
    (rebase to edk2-stable202405 [rhel-9])
  - Resolves: RHEL-36446
    (edk2: enable MOR [rhel-9])
  - Resolves: RHEL-21653
    (CVE-2023-6237 edk2: openssl: Excessive time spent checking invalid RSA public keys [rhel-9])
  - Resolves: RHEL-21150
    (CVE-2023-6129 edk2: mysql: openssl: POLY1305 MAC implementation corrupts vector registers on PowerPC)
  - Resolves: RHEL-22490
    (CVE-2024-0727 edk2: openssl: denial of service via null dereference [rhel-9])
* Mon Apr 08 2024 Miroslav Rezanina <mrezanin@redhat.com> - 20240214-2
  - edk2-OvmfPkg-PlatformPei-log-a-warning-when-memory-is-tig.patch [RHEL-22202]
  - edk2-OvmfPkg-PlatformPei-consider-AP-stacks-for-pei-memor.patch [RHEL-22202]
  - edk2-OvmfPkg-PlatformPei-rewrite-page-table-calculation.patch [RHEL-22202]
  - edk2-OvmfPkg-PlatformPei-log-pei-memory-cap-details.patch [RHEL-22202]
  - edk2-UefiCpuPkg-MpInitLib-Add-support-for-multiple-HOBs-t.patch [RHEL-22202]
  - edk2-UefiCpuPkg-MpInitLib-Add-support-for-multiple-HOBs-t.p2.patch [RHEL-22202]
  - edk2-UefiCpuPkg-MpInitLib-Add-support-for-multiple-HOBs-t.p3.patch [RHEL-22202]
  - edk2-UefiCpuPkg-MpInitLib-Add-support-for-multiple-HOBs-t.p4.patch [RHEL-22202]
  - edk2-UefiCpuPkg-MpInitLib-Add-support-for-multiple-HOBs-t.p5.patch [RHEL-22202]
  - edk2-UefiCpuPkg-MpInitLib-return-early-in-GetBspNumber.patch [RHEL-22202]
  - Resolves: RHEL-22202
    ([EDK2] Support booting with 4096 vcpus)
* Tue Feb 27 2024 Gerd Hoffmann <kraxel@redhat.com> - 20240214-1
  - Rebase to edk2-stable202302
  - Resolves: RHEL-26879
* Thu Feb 22 2024 Miroslav Rezanina <mrezanin@redhat.com> - 20231122-6
  - edk2-NetworkPkg-Dhcp6Dxe-SECURITY-PATCH-CVE-2023-45230-Pa.patch [RHEL-21841 RHEL-21843 RHEL-21845 RHEL-21847 RHEL-21849 RHEL-21851 RHEL-21853]
  - edk2-NetworkPkg-Add-Unit-tests-to-CI-and-create-Host-Test.patch [RHEL-21841 RHEL-21843 RHEL-21845 RHEL-21847 RHEL-21849 RHEL-21851 RHEL-21853]
  - edk2-NetworkPkg-Dhcp6Dxe-SECURITY-PATCH-CVE-2023-45230-Un.patch [RHEL-21841 RHEL-21843 RHEL-21845 RHEL-21847 RHEL-21849 RHEL-21851 RHEL-21853]
  - edk2-NetworkPkg-Dhcp6Dxe-SECURITY-PATCH-CVE-2023-45229-Pa.patch [RHEL-21841 RHEL-21843 RHEL-21845 RHEL-21847 RHEL-21849 RHEL-21851 RHEL-21853]
  - edk2-NetworkPkg-Dhcp6Dxe-SECURITY-PATCH-CVE-2023-45229-Un.patch [RHEL-21841 RHEL-21843 RHEL-21845 RHEL-21847 RHEL-21849 RHEL-21851 RHEL-21853]
  - edk2-NetworkPkg-Ip6Dxe-SECURITY-PATCH-CVE-2023-45231-Patc.patch [RHEL-21841 RHEL-21843 RHEL-21845 RHEL-21847 RHEL-21849 RHEL-21851 RHEL-21853]
  - edk2-NetworkPkg-Ip6Dxe-SECURITY-PATCH-CVE-2023-45231-Unit.patch [RHEL-21841 RHEL-21843 RHEL-21845 RHEL-21847 RHEL-21849 RHEL-21851 RHEL-21853]
  - edk2-NetworkPkg-Ip6Dxe-SECURITY-PATCH-CVE-2023-45232-Patc.patch [RHEL-21841 RHEL-21843 RHEL-21845 RHEL-21847 RHEL-21849 RHEL-21851 RHEL-21853]
  - edk2-NetworkPkg-Ip6Dxe-SECURITY-PATCH-CVE-2023-45232-Unit.patch [RHEL-21841 RHEL-21843 RHEL-21845 RHEL-21847 RHEL-21849 RHEL-21851 RHEL-21853]
  - edk2-NetworkPkg-UefiPxeBcDxe-SECURITY-PATCH-CVE-2023-4523.patch [RHEL-21841 RHEL-21843 RHEL-21845 RHEL-21847 RHEL-21849 RHEL-21851 RHEL-21853]
  - edk2-NetworkPkg-UefiPxeBcDxe-SECURITY-PATCH-CVE-2023-4523p2.patch [RHEL-21841 RHEL-21843 RHEL-21845 RHEL-21847 RHEL-21849 RHEL-21851 RHEL-21853]
  - edk2-NetworkPkg-UefiPxeBcDxe-SECURITY-PATCH-CVE-2023-4523p3.patch [RHEL-21841 RHEL-21843 RHEL-21845 RHEL-21847 RHEL-21849 RHEL-21851 RHEL-21853]
  - edk2-NetworkPkg-UefiPxeBcDxe-SECURITY-PATCH-CVE-2023-4523p4.patch [RHEL-21841 RHEL-21843 RHEL-21845 RHEL-21847 RHEL-21849 RHEL-21851 RHEL-21853]
  - edk2-NetworkPkg-Adds-a-SecurityFix.yaml-file.patch [RHEL-21841 RHEL-21843 RHEL-21845 RHEL-21847 RHEL-21849 RHEL-21851 RHEL-21853]
  - edk2-NetworkPkg-Dhcp6Dxe-SECURITY-PATCH-CVE-2023-45229-Re.patch [RHEL-21841 RHEL-21843 RHEL-21845 RHEL-21847 RHEL-21849 RHEL-21851 RHEL-21853]
  - edk2-NetworkPkg-Dhcp6Dxe-Removes-duplicate-check-and-repl.patch [RHEL-21841 RHEL-21843 RHEL-21845 RHEL-21847 RHEL-21849 RHEL-21851 RHEL-21853]
  - edk2-NetworkPkg-Dhcp6Dxe-Packet-Length-is-not-updated-bef.patch [RHEL-21841 RHEL-21843 RHEL-21845 RHEL-21847 RHEL-21849 RHEL-21851 RHEL-21853]
  - edk2-NetworkPkg-Updating-SecurityFixes.yaml.patch [RHEL-21841 RHEL-21843 RHEL-21845 RHEL-21847 RHEL-21849 RHEL-21851 RHEL-21853]
  - Resolves: RHEL-21841
    (CVE-2023-45229 edk2: Integer underflow when processing IA_NA/IA_TA options in a DHCPv6 Advertise message [rhel-9])
  - Resolves: RHEL-21843
    (CVE-2023-45230 edk2: Buffer overflow in the DHCPv6 client via a long Server ID option [rhel-9])
  - Resolves: RHEL-21845
    (CVE-2023-45231 edk2: Out of Bounds read when handling a ND Redirect message with truncated options [rhel-9])
  - Resolves: RHEL-21847
    (CVE-2023-45232 edk2: Infinite loop when parsing unknown options in the Destination Options header [rhel-9])
  - Resolves: RHEL-21849
    (TRIAGE CVE-2023-45233 edk2: Infinite loop when parsing a PadN option in the Destination Options header [rhel-9])
  - Resolves: RHEL-21851
    (CVE-2023-45234 edk2: Buffer overflow when processing DNS Servers option in a DHCPv6 Advertise message [rhel-9])
  - Resolves: RHEL-21853
    (TRIAGE CVE-2023-45235 edk2: Buffer overflow when handling Server ID option from a DHCPv6 proxy Advertise message [rhel-9])
* Mon Feb 19 2024 Miroslav Rezanina <mrezanin@redhat.com> - 20231122-5
  - edk2-SecurityPkg-DxeTpm2MeasureBootLib-SECURITY-PATCH-4118.patch [RHEL-21157]
  - edk2-SecurityPkg-DxeTpmMeasureBootLib-SECURITY-PATCH-4118.patch [RHEL-21157]
  - edk2-SecurityPkg-DxeTpm2MeasureBootLib-SECURITY-PATCH-411-2.patch [RHEL-21157]
  - edk2-SecurityPkg-DxeTpmMeasureBootLib-SECURITY-PATCH-411-3.patch [RHEL-21157]
  - edk2-SecurityPkg-Updating-SecurityFixes.yaml-after-symbol.patch [RHEL-21157]
  - edk2-OvmfPkg-Sec-Setup-MTRR-early-in-the-boot-process.patch [RHEL-21704]
  - edk2-MdePkg-ArchitecturalMsr.h-add-defines-for-MTRR-cache.patch [RHEL-21704]
  - edk2-UefiCpuPkg-MtrrLib.h-use-cache-type-defines-from-Arc.patch [RHEL-21704]
  - edk2-OvmfPkg-Sec-use-cache-type-defines-from-Architectura.patch [RHEL-21704]
  - Resolves: RHEL-21157
    (CVE-2022-36764 edk2: heap buffer overflow in Tcg2MeasurePeImage() [rhel-9])
  - Resolves: RHEL-21704
    (vGPU VM take several minutes to show tianocore logo if firmware is ovmf)
* Wed Jan 31 2024 Miroslav Rezanina <mrezanin@redhat.com> - 20231122-4
  - edk2-OvmfPkg-VirtNorFlashDxe-add-casts-to-UINTN-and-UINT3.patch [RHEL-20963]
  - edk2-OvmfPkg-VirtNorFlashDxe-clarify-block-write-logic-fi.patch [RHEL-20963]
  - edk2-OvmfPkg-VirtNorFlashDxe-add-a-loop-for-NorFlashWrite.patch [RHEL-20963]
  - edk2-OvmfPkg-VirtNorFlashDxe-allow-larger-writes-without-.patch [RHEL-20963]
  - edk2-OvmfPkg-VirtNorFlashDxe-ValidateFvHeader-unwritten-s.patch [RHEL-20963]
  - edk2-OvmfPkg-VirtNorFlashDxe-move-DoErase-code-block-into.patch [RHEL-20963]
  - Resolves: RHEL-20963
    ([rhel9] guest fails to boot due to ASSERT error)
* Mon Jan 22 2024 Miroslav Rezanina <mrezanin@redhat.com> - 20231122-3
  - edk2-SecurityPkg-DxeTpm2MeasureBootLib-SECURITY-PATCH-411.patch [RHEL-21155]
  - edk2-SecurityPkg-DxeTpmMeasureBootLib-SECURITY-PATCH-4117.patch [RHEL-21155]
  - edk2-SecurityPkg-Adding-CVE-2022-36763-to-SecurityFixes.y.patch [RHEL-21155]
  - Resolves: RHEL-21155
    (CVE-2022-36763 edk2: heap buffer overflow in Tcg2MeasureGptTable() [rhel-9])
* Mon Jan 15 2024 Miroslav Rezanina <mrezanin@redhat.com> - 20231122-2
  - edk2-OvmfPkg-RiscVVirt-use-gEfiAuthenticatedVariableGuid-.patch [RHEL-20963]
  - edk2-OvmfPkg-VirtNorFlashDxe-stop-accepting-gEfiVariableG.patch [RHEL-20963]
  - edk2-OvmfPkg-VirtNorFlashDxe-sanity-check-variables.patch [RHEL-20963]
  - Resolves: RHEL-20963
    ([rhel9] guest fails to boot due to ASSERT error)
* Fri Dec 15 2023 Miroslav Rezanina <mrezanin@redhat.com> - 20231122-1
  - Rebase to edk2-stable202311 [RHEL-12323]
  - Switch to OpenSSL 3.0 [RHEL-49]
  - Resolves: RHEL-12323
    (Rebase EDK2 for RHEL 9.4)
  - Resolves: RHEL-49
    (consume / bundle RHEL-9 OpenSSL (version 3.0.x) in RHEL-9 edk2)

Files

/usr/share/AAVMF
/usr/share/AAVMF/AAVMF_CODE.fd
/usr/share/AAVMF/AAVMF_CODE.verbose.fd
/usr/share/AAVMF/AAVMF_VARS.fd
/usr/share/edk2
/usr/share/edk2/aarch64
/usr/share/edk2/aarch64/QEMU_EFI-pflash.qcow2
/usr/share/edk2/aarch64/QEMU_EFI-pflash.raw
/usr/share/edk2/aarch64/QEMU_EFI-silent-pflash.qcow2
/usr/share/edk2/aarch64/QEMU_EFI-silent-pflash.raw
/usr/share/edk2/aarch64/QEMU_EFI.fd
/usr/share/edk2/aarch64/QEMU_EFI.silent.fd
/usr/share/edk2/aarch64/QEMU_VARS.fd
/usr/share/edk2/aarch64/vars-template-pflash.qcow2
/usr/share/edk2/aarch64/vars-template-pflash.raw
/usr/share/licenses/edk2-aarch64
/usr/share/licenses/edk2-aarch64/LICENSE.openssl
/usr/share/licenses/edk2-aarch64/License-History.txt
/usr/share/licenses/edk2-aarch64/License.OvmfPkg.txt
/usr/share/licenses/edk2-aarch64/License.txt
/usr/share/qemu
/usr/share/qemu/firmware
/usr/share/qemu/firmware/50-edk2-aarch64-qcow2.json
/usr/share/qemu/firmware/51-edk2-aarch64-raw.json
/usr/share/qemu/firmware/52-edk2-aarch64-verbose-qcow2.json
/usr/share/qemu/firmware/53-edk2-aarch64-verbose-raw.json

Generated by rpm2html 1.8.1

Fabrice Bellet, Thu Oct 30 06:21:22 2025