Package "fwupd"

Name: fwupd


Firmware update daemon

Latest version: 1.5.11-0ubuntu1~20.04.2
Release: focal (20.04)
Level: updates
Repository: main
Homepage: https://github.com/fwupd/fwupd


Download "fwupd"

Other versions of "fwupd" in Focal

Repository Area Version
base main 1.3.9-4
security universe 1.3.9-4ubuntu0.1
security main 1.3.9-4ubuntu0.1
updates universe 1.5.11-0ubuntu1~20.04.2

Packages in group

Deleted packages are displayed in grey.


Version: 1.5.11-0ubuntu1~20.04.2 2021-08-02 15:06:22 UTC

  fwupd (1.5.11-0ubuntu1~20.04.2) focal; urgency=medium

  * force to use libjcat >= 0.1.3, or signature verification will failed.

Source diff to previous version

Version: 1.3.11-1~focal1 2020-07-16 12:06:22 UTC

  fwupd (1.3.11-1~focal1) focal; urgency=medium

  * New upstream stable release: (LP: #1883568)
    - Actually reload the DFU device after upgrade has completed
    - Capture the dock SKU in report metadata
    - Correctly set the Logitech device protocol
    - Do not use shim for non-secure boot configurations
    - Ensure that the DeviceID is set for child devices
    - Fix an error when detaching MSP430
    - Fix the DeviceID set by GetDetails
    - Force the prometheus minor version from 0x02 to 0x01 to fix updates
    - Parse the CSR firmware as a DFU file
    - Prevent dell-dock updates to occur via synaptics-mst plugin
    - Rather than hardcoding thunderbolt to PCI slot numbers, use domain in GUID
    - Remove a dock device from the whitelist that is never going to be updated
    - Validate that gpgme_op_verify_result() returned at least one signature
    - Wait for the cxaudio device to reboot after writing firmware
    - Add more module types for the Dell dock
    - Fix the TPM PCR0 calculation
    - Check for free space after cleaning up ESP
  * Drop following patches, now incorporated upstream:
    - Thunderbolt: create correct GUID for dual controller devices
    - CSR: Fix parsing
    - Motd: Fix refresh target to be network.target
    - Logitech: Fix error in logs on unsigned devices and set protocol for
      signed devices properly.
    - Fix a FTBFS on empty /etc/machine-id in some buildd environments.
    - CVE-2020-10759

 -- Mario Limonciello <email address hidden> Thu, 18 Jun 2020 11:04:18 -0500

Source diff to previous version
1883568 Update focal fwupd to 1.3.11 point release
CVE-2020-10759 Possible bypass in signature verification

Version: 1.3.9-4ubuntu0.1 2020-06-15 16:06:56 UTC

  fwupd (1.3.9-4ubuntu0.1) focal-security; urgency=medium

  * SECURITY UPDATE: Signature verification bypass
    - debian/patches/CVE-2020-10759.patch: validate that
      gpgme_op_verify_result() returned at least one signature in
    - CVE-2020-10759

 -- <email address hidden> (Leonidas S. Barbosa) Tue, 09 Jun 2020 10:53:33 -0300

CVE-2020-10759 Possible bypass in signature verification

About   -   Send Feedback to @ubuntu_updates