UbuntuUpdates.org

Bugs fixes in "u-boot"

Origin Bug number Title Date fixed
Launchpad 2078395 [SRU] Add RSA3072 support to jammy 2024-10-24
Launchpad 2054092 [SRU] Add support for FIT images to rpi config 2024-10-03
Launchpad 2078395 [SRU] Add RSA3072 support to jammy 2024-09-13
Launchpad 2054092 [SRU] Add support for FIT images to rpi config 2024-09-13
Launchpad 2036406 [SRU] backport mkeficapsule to jammy 2023-11-22
Launchpad 2036406 [SRU] backport mkeficapsule to jammy 2023-10-14
Launchpad 2026588 [SRU] Copy OpenSBI 1.3 to Jammy and Lunar 2023-08-03
Launchpad 2026588 [SRU] Copy OpenSBI 1.3 to Jammy and Lunar 2023-07-20
Launchpad 1998513 SRU provide RISCV_EFI_BOOT_PROTOCOL in Focal 2023-02-07
Launchpad 1998513 SRU provide RISCV_EFI_BOOT_PROTOCOL in Focal 2023-01-26
CVE CVE-2022-34835 In Das U-Boot through 2022.07-rc5, an integer signedness error and resultant stack-based buffer overflow in the "i2c md" command enables the corrupti 2022-12-07
CVE CVE-2022-33967 squashfs filesystem implementation of U-Boot versions from v2020.10-rc2 to v2022.07-rc5 contains a heap-based buffer overflow vulnerability due to a 2022-12-07
CVE CVE-2022-33103 Das U-Boot from v2020.10 to v2022.07-rc3 was discovered to contain an out-of-bounds write via the function sqfs_readdir(). 2022-12-07
CVE CVE-2022-30767 nfs_lookup_reply in net/nfs.c in Das U-Boot through 2022.04 (and through 2022.07-rc2) has an unbounded memcpy with a failed length check, leading to 2022-12-07
CVE CVE-2019-14196 An issue was discovered in Das U-Boot through 2019.07. There is an unbounded memcpy with a failed length check at nfs_lookup_reply. 2022-12-07
CVE CVE-2022-30790 Das U-Boot 2022.01 has a Buffer Overflow, a different issue than CVE-2022-30552. 2022-12-07
CVE CVE-2022-30552 Das U-Boot 2022.01 has a Buffer Overflow. 2022-12-07
CVE CVE-2022-2347 There exists an unchecked length field in UBoot. The U-Boot DFU implementation does not bound the length field in USB DFU download setup packets, and 2022-12-07
CVE CVE-2022-34835 In Das U-Boot through 2022.07-rc5, an integer signedness error and resultant stack-based buffer overflow in the "i2c md" command enables the corrupti 2022-12-06
CVE CVE-2022-33967 squashfs filesystem implementation of U-Boot versions from v2020.10-rc2 to v2022.07-rc5 contains a heap-based buffer overflow vulnerability due to a 2022-12-06



About   -   Send Feedback to @ubuntu_updates