FEDORA-2019-3b96bb5186

security update in Fedora 30 for edk2

Status: stable 7 months ago

Use YYYYMMDD versioning to fix upgrade path


  • Update to stable-201903
  • Update to openssl-1.1.0j
  • Move to python3 deps

How to install

sudo dnf upgrade --advisory=FEDORA-2019-3b96bb5186

Comments 9

This update has been submitted for testing by crobinso.

This update has obsoleted edk2-201903stable-1.fc30, and has inherited its bugs and notes.

This update has been pushed to testing.

works for me in a VM

karma: +1

This update has been submitted for batched by bodhi.

This update has been submitted for stable by bodhi.

This update has been pushed to stable.

Add Comment & Feedback

Please login to add feedback.

Content Type
RPM
Status
stable
Test Gating
Submitted by
Update Type
security
Update Severity
medium
Karma
+3
stable threshold: 3
unstable threshold: -3
Autopush (karma)
Enabled
Autopush (time)
Disabled
Dates
submitted 7 months ago
in testing 7 months ago
in stable 7 months ago

Related Bugs 30

00 #1641433 CVE-2018-3613 edk2: Logic error in MdeModulePkg in EDK II firmware allows for privilege escalation by authenticated users
00 #1641434 CVE-2018-3613 edk2: Logic error in MdeModulePkg in EDK II firmware allows for privilege escalation by authenticated users [fedora-all]
00 #1641442 CVE-2017-5731 edk2: Privilege escalation via processing of malformed files in TianoCompress.c
00 #1641443 CVE-2017-5731 edk2: Privilege escalation via processing of malformed files in TianoCompress.c [fedora-all]
00 #1641446 CVE-2017-5732 edk2: Privilege escalation via processing of malformed files in BaseUefiDecompressLib.c
00 #1641447 CVE-2017-5732 edk2: Privilege escalation via processing of malformed files in BaseUefiDecompressLib.c [fedora-all]
00 #1641450 CVE-2017-5733 edk2: Privilege escalation via heap-based buffer overflow in MakeTable() function
00 #1641451 CVE-2017-5733 edk2: Privilege escalation via heap-based buffer overflow in MakeTable() function [fedora-all]
00 #1641458 CVE-2017-5734 edk2: Privilege escalation via stack-based buffer overflow in MakeTable() function
00 #1641461 CVE-2017-5734 edk2: Privilege escalation via stack-based buffer overflow in MakeTable() function [fedora-all]
00 #1641465 CVE-2017-5735 edk2: Privilege escalation via heap-based buffer overflow in Decode() function
00 #1641467 CVE-2017-5735 edk2: Privilege escalation via heap-based buffer overflow in Decode() function [fedora-all]
00 #1683326 CVE-2018-12178 edk2: improper DNS packet size check
00 #1683330 CVE-2018-12178 edk2: improper DNS packet size check [fedora-all]
00 #1683372 CVE-2018-12180 edk2: Buffer Overflow in BlockIo service for RAM disk
00 #1683373 CVE-2018-12180 edk2: Buffer Overflow in BlockIo service for RAM disk [fedora-all]
00 #1683404 edk2: stack buffer overflow in file/path name string check in UdfDxe/File.c
00 #1683405 edk2: stack buffer overflow in file/path name string check in UdfDxe/File.c [fedora-all]
00 #1683410 edk2: stack buffer overflow in FindAnchorVolumeDescriptorPointer in PartitionDxe/Udf.c
00 #1683411 edk2: stack buffer overflow in FindAnchorVolumeDescriptorPointer in PartitionDxe/Udf.c [fedora-all]
00 #1683413 edk2: heap buffer overflow in ReadFile in UdfDxe/FileSystemOperations.c
00 #1683414 edk2: heap buffer overflow in ReadFile in UdfDxe/FileSystemOperations.c [fedora-all]
00 #1683421 edk2: heap buffer overflow in LengthofComponentIdentifier in UdfDxe/FileSystemOperations.c
00 #1683423 edk2: heap buffer overflow in LengthofComponentIdentifier in UdfDxe/FileSystemOperations.c [fedora-all]
00 #1683425 edk2: heap buffer overflow in NumberOfPartitions in UdfDxe/FileSystemOperations.c
00 #1683429 edk2: heap buffer overflow in NumberOfPartitions in UdfDxe/FileSystemOperations.c [fedora-all]
00 #1683653 CVE-2018-3630 ovmf: Logic error in FV parsing in MdeModulePkg\Core\Pei\FwVol\FwVol.c
00 #1683654 CVE-2018-3630 edk2: ovmf: Logic error in FV parsing in MdeModulePkg\Core\Pei\FwVol\FwVol.c [fedora-all]
00 #1686783 CVE-2018-12181 edk2: Stack buffer overflow with corrupted BMP
00 #1686784 CVE-2018-12181 edk2: Stack buffer overflow with corrupted BMP [fedora-all]

Automated Test Results