UbuntuUpdates.org

Package "ovmf"

Name: ovmf

Description:

UEFI firmware for 64-bit x86 virtual machines

Latest version: 0~20191122.bd85bf54-2ubuntu3.6
Release: focal (20.04)
Level: updates
Repository: main
Head package: edk2
Homepage: http://www.tianocore.org

Other versions of "ovmf" in Focal

Repository Area Version
base main 0~20191122.bd85bf54-2ubuntu3
security main 0~20191122.bd85bf54-2ubuntu3.6

Changelog

Version: 0~20191122.bd85bf54-2ubuntu3.6 2024-10-10 07:07:23 UTC

  edk2 (0~20191122.bd85bf54-2ubuntu3.6) focal-security; urgency=medium

  * SECURITY UPDATE: integer underflow
    - debian/patches/CVE-2021-38578.patch: Add SafeIntLib to check for
      under or overflows
    - CVE-2021-38578

 -- Bruce Cable <email address hidden> Tue, 08 Oct 2024 18:01:22 +1100

CVE-2021-38578 Existing CommBuffer checks in SmmEntryPoint will not catch underflow when computing BufferSize.

Version: 0~20191122.bd85bf54-2ubuntu3.5 2024-02-15 00:06:52 UTC

  edk2 (0~20191122.bd85bf54-2ubuntu3.5) focal; urgency=medium

  * Disable the built-in Shell when SecureBoot is enabled, CVE-2023-48733.
    Thanks to Mate Kukri. LP: #2040137.
    - Backport support for GetSetupMode() and IsSecureBootEnabled():
      + 0001-SecurityPkg-Create-SecureBootVariableLib.patch
      + 0002-ArmVirtPkg-add-SecureBootVariableLib-class-resolutio.patch
      + 0003-OvmfPkg-add-SecureBootVariableLib-class-resolution.patch
      + 0004-SecurityPkg-SecureBootVariableLib-Added-newly-suppor.patch
      + 0005-EmulatorPkg-add-SecureBootVariableLib-class-resoluti.patch
    - Disable the built-in Shell when SecureBoot is enabled:
      + Disable-the-Shell-when-SecureBoot-is-enabled.patch

 -- dann frazier <email address hidden> Tue, 13 Feb 2024 17:52:30 -0700


Version: 0~20191122.bd85bf54-2ubuntu3.4 2023-01-25 00:07:08 UTC

  edk2 (0~20191122.bd85bf54-2ubuntu3.4) focal; urgency=medium

  [ dann frazier ]
  * Provide 4MB OVMF images: The existing 2MB images no longer
    have sufficient variable space for the current Secure Boot
    Forbidden Signature Database. (LP: #1885662)
    - Convert targets for pre-enrolled variable template images
      into pattern rules. This will be useful for adding additional
      pre-enrolled variable templates.
    - Update fw descriptors to reference 4M images instead of their
      2M counterparts. This will migrate tools that use the descriptor
      interface (like libvirt) over to the 4M images when creating new
      VMs. Existing 2M VMs will require manual migration.
  * Increase autopkgtest timeout from 30s to 60s. (LP: #1885186)

  [ Mustafa Kemal Gilor ]
  * Added autopkg tests for 4MB OVMF images. (LP: #1885662)

 -- Mustafa Kemal GILOR <email address hidden> Tue, 08 Nov 2022 11:40:07 +0300

1885662 please provide 4MB firmware builds
1885186 autopkgtests sometimes timeout

Version: 0~20191122.bd85bf54-2ubuntu3.3 2021-09-23 13:06:26 UTC

  edk2 (0~20191122.bd85bf54-2ubuntu3.3) focal-security; urgency=medium

  * SECURITY UPDATE: Insufficient input validation in MdeModulePkg
    - debian/patches/CVE-2019-11098-*.patch
    - CVE-2019-11098
  * SECURITY UPDATE: overflow in openssl EVP_DecryptUpdate
    - debian/patches/CVE-2021-23840.patch
    - CVE-2021-23840
  * SECURITY UPDATE: DoS via incorrect ASN.1 string termination in openssl
    - debian/patches/CVE-2021-3712-*.patch
    - CVE-2021-3712
  * SECURITY UPDATE: remote buffer overflow in IScsiHexToBin
    - debian/patches/CVE-2021-38575-*.patch
    - CVE-2021-38575

 -- Marc Deslauriers <email address hidden> Mon, 20 Sep 2021 09:11:31 -0400

CVE-2019-11098 Insufficient input validation in MdeModulePkg in EDKII may allow an unauthenticated user to potentially enable escalation of privilege, denial of ser
CVE-2021-23840 Calls to EVP_CipherUpdate, EVP_EncryptUpdate and EVP_DecryptUpdate may overflow the output length argument in some cases where the input length is cl
CVE-2021-3712 Read buffer overruns processing ASN.1 strings
CVE-2021-38575 edk2: remote buffer overflow in IScsiHexToBin function in NetworkPkg/IScsiDxe

Version: 0~20191122.bd85bf54-2ubuntu3.2 2021-04-20 20:06:28 UTC

  edk2 (0~20191122.bd85bf54-2ubuntu3.2) focal-security; urgency=medium

  * SECURITY UPDATE: unlimited FV recursion
    - debian/patches/CVE-2021-28210-1.patch: assert SectionInstance
      invariant in FindChildNode() in
      MdeModulePkg/Core/Dxe/SectionExtraction/CoreSectionExtraction.c.
    - debian/patches/CVE-2021-28210-2.patch: limit FwVol encapsulation
      section recursion in MdeModulePkg/Core/Dxe/DxeMain.inf,
      MdeModulePkg/Core/Dxe/SectionExtraction/CoreSectionExtraction.c,
      MdeModulePkg/MdeModulePkg.dec, MdeModulePkg/MdeModulePkg.uni.
    - CVE-2021-28210
  * SECURITY UPDATE: possible heap corruption in LzmaUefiDecompressGetInfo
    - debian/patches/CVE-2021-28211.patch: catch 4GB+ uncompressed
      buffer sizes in
      MdeModulePkg/Library/LzmaCustomDecompressLib/LzmaDecompress.c,
      MdeModulePkg/Library/LzmaCustomDecompressLib/LzmaDecompressLibInternal.h.
    - CVE-2021-28211

 -- Marc Deslauriers <email address hidden> Mon, 12 Apr 2021 08:18:49 -0400

CVE-2021-28210 unlimited FV recursion, round 2
CVE-2021-28211 possible heap corruption with LzmaUefiDecompressGetInfo


