Package "edk2"
Name: edk2
Description: This package is just an umbrella for a group of other packages, it has no description. Description samples from packages in group:
- transitional dummy package
Latest version: 0~20191122.bd85bf54-2ubuntu3.6
Release: focal (20.04)
Level: updates
Repository: universe
Changelog
edk2 (0~20191122.bd85bf54-2ubuntu3.6) focal-security; urgency=medium
* SECURITY UPDATE: integer underflow
- debian/patches/CVE-2021-38578.patch: Add SafeIntLib to check for
under or overflows
- CVE-2021-38578
-- Bruce Cable <email address hidden> Tue, 08 Oct 2024 18:01:22 +1100
CVE-2021-38578: Existing CommBuffer checks in SmmEntryPoint will not catch underflow when computing BufferSize.

edk2 (0~20191122.bd85bf54-2ubuntu3.5) focal; urgency=medium
* Disable the built-in Shell when SecureBoot is enabled, CVE-2023-48733.
Thanks to Mate Kukri. LP: #2040137.
- Backport support for GetSetupMode() and IsSecureBootEnabled():
+ 0001-SecurityPkg-Create-SecureBootVariableLib.patch
+ 0002-ArmVirtPkg-add-SecureBootVariableLib-class-resolutio.patch
+ 0003-OvmfPkg-add-SecureBootVariableLib-class-resolution.patch
+ 0004-SecurityPkg-SecureBootVariableLib-Added-newly-suppor.patch
+ 0005-EmulatorPkg-add-SecureBootVariableLib-class-resoluti.patch
- Disable the built-in Shell when SecureBoot is enabled:
+ Disable-the-Shell-when-SecureBoot-is-enabled.patch
-- dann frazier <email address hidden> Tue, 13 Feb 2024 17:52:30 -0700
edk2 (0~20191122.bd85bf54-2ubuntu3.4) focal; urgency=medium
[ dann frazier ]
* Provide 4MB OVMF images: The existing 2MB images no longer
have sufficient variable space for the current Secure Boot
Forbidden Signature Database. (LP: #1885662)
- Convert targets for pre-enrolled variable template images
into pattern rules. This will be useful for adding additional
pre-enrolled variable templates.
- Update fw descriptors to reference 4M images instead of their
2M counterparts. This will migrate tools that use the descriptor
interface (like libvirt) over to the 4M images when creating new
VMs. Existing 2M VMs will require manual migration.
* Increase autopkgtest timeout from 30s to 60s. (LP: #1885186)
[ Mustafa Kemal Gilor ]
* Added autopkg tests for 4MB OVMF images. (LP: #1885662)
-- Mustafa Kemal GILOR <email address hidden> Tue, 08 Nov 2022 11:40:07 +0300
LP #1885662: please provide 4MB firmware builds
LP #1885186: autopkgtests sometimes timeout

edk2 (0~20191122.bd85bf54-2ubuntu3.3) focal-security; urgency=medium
* SECURITY UPDATE: Insufficient input validation in MdeModulePkg
- debian/patches/CVE-2019-11098-*.patch
- CVE-2019-11098
* SECURITY UPDATE: overflow in openssl EVP_DecryptUpdate
- debian/patches/CVE-2021-23840.patch
- CVE-2021-23840
* SECURITY UPDATE: DoS via incorrect ASN.1 string termination in openssl
- debian/patches/CVE-2021-3712-*.patch
- CVE-2021-3712
* SECURITY UPDATE: remote buffer overflow in IScsiHexToBin
- debian/patches/CVE-2021-38575-*.patch
- CVE-2021-38575
-- Marc Deslauriers <email address hidden> Mon, 20 Sep 2021 09:11:31 -0400
CVE-2019-11098: Insufficient input validation in MdeModulePkg in EDKII may allow an unauthenticated user to potentially enable escalation of privilege, denial of ser
CVE-2021-23840: Calls to EVP_CipherUpdate, EVP_EncryptUpdate and EVP_DecryptUpdate may overflow the output length argument in some cases where the input length is cl
CVE-2021-3712: Read buffer overruns processing ASN.1 strings
CVE-2021-38575: edk2: remote buffer overflow in IScsiHexToBin function in NetworkPkg/IScsiDxe

edk2 (0~20191122.bd85bf54-2ubuntu3.2) focal-security; urgency=medium
* SECURITY UPDATE: unlimited FV recursion
- debian/patches/CVE-2021-28210-1.patch: assert SectionInstance
invariant in FindChildNode() in
MdeModulePkg/Core/Dxe/SectionExtraction/CoreSectionExtraction.c.
- debian/patches/CVE-2021-28210-2.patch: limit FwVol encapsulation
section recursion in MdeModulePkg/Core/Dxe/DxeMain.inf,
MdeModulePkg/Core/Dxe/SectionExtraction/CoreSectionExtraction.c,
MdeModulePkg/MdeModulePkg.dec, MdeModulePkg/MdeModulePkg.uni.
- CVE-2021-28210
* SECURITY UPDATE: possible heap corruption in LzmaUefiDecompressGetInfo
- debian/patches/CVE-2021-28211.patch: catch 4GB+ uncompressed
buffer sizes in
MdeModulePkg/Library/LzmaCustomDecompressLib/LzmaDecompress.c,
MdeModulePkg/Library/LzmaCustomDecompressLib/LzmaDecompressLibInternal.h.
- CVE-2021-28211
-- Marc Deslauriers <email address hidden> Mon, 12 Apr 2021 08:18:49 -0400