<html>
<head>
<meta http-equiv="Content-Type" content="text/html;
charset=windows-1252">
</head>
<body>
<p>Hello Kun,<br>
<br>
The OpenBMC side of the fixes are captured in this link.<br>
<br>
<a
href="https://www.flamingspork.com/blog/2019/01/23/cve-2019-6260-gaining-control-of-bmc-from-the-host-processor/">https://www.flamingspork.com/blog/2019/01/23/cve-2019-6260-gaining-control-of-bmc-from-the-host-processor/<br>
<br>
</a></p>
Regards,<br>
Tom<br>
<br>
<div class="moz-cite-prefix">On 21-09-2020 05:17, Kun Zhao wrote:<br>
</div>
<blockquote type="cite"
cite="mid:BYAPR14MB234222A907DAA5A640E1DABACF3D0@BYAPR14MB2342.namprd14.prod.outlook.com"><!-- BaNnErBlUrFlE-HeAdEr-start -->
<meta name="viewport" content="width=device-width;
initial-scale=1.0; maximum-scale=1.0; user-scalable=no;">
<style>
/* Mobile */
@media screen and (max-width: 630px){
* {-webkit-text-size-adjust: none}
a[href^="x-apple-data-detectors:"] { color: inherit; text-decoration: none; }
.pfptTitle { font-size:22px !important; line-height:26px !important; text-align: center !important; }
.pfptSubtitle { font-size:14px !important; line-height:18px !important; text-align: center !important; }
.pfptMainWrapper { margin-top: 0 !important; margin-right: 0 !important; margin-left: 0 !important; }
th[class="pfptTableColumnLeft"] {width:100% !important; height:auto !important; display:block !important; text-align: center !important; }
th[class="pfptTableColumnRight"] {width:100% !important; height:auto !important; display:block !important; text-align: center !important; }
.pfptButton { font-size:16px !important; line-height:16px !important; width: 50% !important; display:block !important; margin-right: auto!important; margin-left: auto!important; }
.pfptButton a { font-size: 16px; }
.pfptButton span { font-size: 16px; }
}
/* Tablet, Laptop, Desktop */
@media screen and (min-width: 631px){
th[class="pfptTableColumnLeft"] { width: 50% !important; height:auto !important; }
th[class="pfptTableColumnRight"] { width: 50% !important; height:auto !important; text-align: right !important; }
}
.pfptPreheader { display:none !important; visibility:hidden; mso-hide:all; font-size:1px; line-height:1px; max-height:0px; max-width:0px; opacity:0; overflow:hidden; }
</style>
<!-- BaNnErBlUrFlE-HeAdEr-end -->
<meta http-equiv="Content-Type" content="text/html;
charset=windows-1252">
<meta name="Generator" content="Microsoft Word 15 (filtered
medium)">
<style><!--
/* Font Definitions */
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:DengXian;
panose-1:2 1 6 0 3 1 1 1 1 1;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
{font-family:"\@DengXian";
panose-1:2 1 6 0 3 1 1 1 1 1;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
font-size:11.0pt;
font-family:"Calibri",sans-serif;}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
.MsoChpDefault
{mso-style-type:export-only;}
@page WordSection1
{size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
{page:WordSection1;}
--></style>
<!-- BaNnErBlUrFlE-BoDy-start -->
<!-- Preheader Text : BEGIN --> <span class="pfptPreheader"
style="display:none
!important;visibility:hidden;mso-hide:all;font-size:1px;color:#ffffff;line-height:1px;max-height:0px;max-width:0px;opacity:0;overflow:hidden;">
Hi Team, This link here described the ‘pantsdown’ vulnerability
found in OpenBMC,...
</span>
<!-- Preheader Text : END -->
<!-- Email Banner : BEGIN -->
<table style="width:100%;border-radius:4px;margin-bottom:16px;"
width="100%" cellspacing="0" cellpadding="16" border="0"
bgcolor="#9CA3A7">
<tbody>
<tr>
<td align="center">
<table class="pfptMainWrapper" style="width:100%;"
width="100%" cellspacing="0" cellpadding="0" border="0"
align="center">
<tbody>
<tr>
<td style="border-radius:4px;" valign="top"
align="center">
<table style="max-width:100%; width:100%;"
width="100%" cellspacing="0" cellpadding="0"
border="0" bgcolor="#9CA3A7" align="center">
<tbody>
<tr>
<!-- Message : BEGIN --> <th
class="pfptTableColumnLeft"
style="font-weight:normal;padding-top:0px;padding-right:0px;padding-bottom:0px;padding-left:0px;width:100%;height:auto;"
valign="top">
<table
style="width:100%;height:auto;text-align:left;vertical-align:middle;"
width="100%" cellspacing="0"
cellpadding="0">
<tbody>
<tr>
<td> <span class="pfptTitle"
style="font-family:'Roboto','Helvetica','Arial',sans-serif;font-weight:bold;font-size:18px;line-height:20px;display:block;margin-bottom:4px;word-wrap:normal;">This
Message Is From an External
Sender</span> </td>
</tr>
<tr>
<td> <span class="pfptSubtitle"
style="font-weight:normal;font-family:'Roboto','Helvetica','Arial',sans-serif;font-size:13px;line-height:16px;display:block;word-wrap:normal;">This
message came from outside your
organization.</span> </td>
</tr>
</tbody>
</table>
</th>
<!-- Message : END --> </tr>
</tbody>
</table>
</td>
</tr>
</tbody>
</table>
</td>
</tr>
</tbody>
</table>
<!-- Email Banner : END -->
<!-- BaNnErBlUrFlE-BoDy-end -->
<div class="WordSection1">
<p class="MsoNormal">Hi Team,</p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">This link here described the ‘pantsdown’
vulnerability found in OpenBMC,</p>
<p class="MsoNormal"><a
href="https://github.com/openbmc/openbmc/issues/3475"
moz-do-not-send="true">https://github.com/openbmc/openbmc/issues/3475</a></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">So what are the commits for fixing it?</p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">Thanks.<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">Kun<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
</div>
</blockquote>
</body>
</html>