FEDORA-2019-bff1cbaba3

security update in Fedora 29 for edk2

Status: stable 5 months ago
  • Use YYYYMMDD versioning to fix upgrade path

  • Update to stable-201903
  • Update to openssl-1.1.0j
  • Move to python3 deps

Comments 14

This update has been submitted for testing by crobinso.

This update has obsoleted edk2-201903stable-1.fc29, and has inherited its bugs and notes.

crobinso edited this update.

The upgrade to edk2-ovmf-20190308stable-1 from koji completed correctly without the error in #1689633. Thanks.

#1689633: +1

This update has been pushed to testing.

works for me

karma: +1

Works fine with KVM / UEFI / libvirt VMs.

karma: +1

Works great! LGTM! =)

karma: +1

my UEFI libvirt VMs work fine

karma: +1 critpath: +1

my UEFI libvirt VMs work fine

karma: +1 critpath: +1

This update has reached the stable karma threshold and can be pushed to stable now if the maintainer wishes.

This update has been submitted for batched by crobinso.

This update has been submitted for stable by bodhi.

This update has been pushed to stable.

Add Comment & Feedback

Please login to add feedback.

Content Type
RPM
Status
stable
Test Gating
Submitted by
Update Type
security
Update Severity
medium
Karma
+4
stable threshold: 3
unstable threshold: -3
Autopush (karma)
Disabled
Autopush (time)
Disabled
Dates
submitted 6 months ago
in testing 6 months ago
in stable 5 months ago
modified 6 months ago

Related Bugs 31

00 #1641433 CVE-2018-3613 edk2: Logic error in MdeModulePkg in EDK II firmware allows for privilege escalation by authenticated users
00 #1641434 CVE-2018-3613 edk2: Logic error in MdeModulePkg in EDK II firmware allows for privilege escalation by authenticated users [fedora-all]
00 #1641442 CVE-2017-5731 edk2: Privilege escalation via processing of malformed files in TianoCompress.c
00 #1641443 CVE-2017-5731 edk2: Privilege escalation via processing of malformed files in TianoCompress.c [fedora-all]
00 #1641446 CVE-2017-5732 edk2: Privilege escalation via processing of malformed files in BaseUefiDecompressLib.c
00 #1641447 CVE-2017-5732 edk2: Privilege escalation via processing of malformed files in BaseUefiDecompressLib.c [fedora-all]
00 #1641450 CVE-2017-5733 edk2: Privilege escalation via heap-based buffer overflow in MakeTable() function
00 #1641451 CVE-2017-5733 edk2: Privilege escalation via heap-based buffer overflow in MakeTable() function [fedora-all]
00 #1641458 CVE-2017-5734 edk2: Privilege escalation via stack-based buffer overflow in MakeTable() function
00 #1641461 CVE-2017-5734 edk2: Privilege escalation via stack-based buffer overflow in MakeTable() function [fedora-all]
00 #1641465 CVE-2017-5735 edk2: Privilege escalation via heap-based buffer overflow in Decode() function
00 #1641467 CVE-2017-5735 edk2: Privilege escalation via heap-based buffer overflow in Decode() function [fedora-all]
00 #1683326 CVE-2018-12178 edk2: improper DNS packet size check
00 #1683330 CVE-2018-12178 edk2: improper DNS packet size check [fedora-all]
00 #1683372 CVE-2018-12180 edk2: Buffer Overflow in BlockIo service for RAM disk
00 #1683373 CVE-2018-12180 edk2: Buffer Overflow in BlockIo service for RAM disk [fedora-all]
00 #1683404 edk2: stack buffer overflow in file/path name string check in UdfDxe/File.c
00 #1683405 edk2: stack buffer overflow in file/path name string check in UdfDxe/File.c [fedora-all]
00 #1683410 edk2: stack buffer overflow in FindAnchorVolumeDescriptorPointer in PartitionDxe/Udf.c
00 #1683411 edk2: stack buffer overflow in FindAnchorVolumeDescriptorPointer in PartitionDxe/Udf.c [fedora-all]
00 #1683413 edk2: heap buffer overflow in ReadFile in UdfDxe/FileSystemOperations.c
00 #1683414 edk2: heap buffer overflow in ReadFile in UdfDxe/FileSystemOperations.c [fedora-all]
00 #1683421 edk2: heap buffer overflow in LengthofComponentIdentifier in UdfDxe/FileSystemOperations.c
00 #1683423 edk2: heap buffer overflow in LengthofComponentIdentifier in UdfDxe/FileSystemOperations.c [fedora-all]
00 #1683425 edk2: heap buffer overflow in NumberOfPartitions in UdfDxe/FileSystemOperations.c
00 #1683429 edk2: heap buffer overflow in NumberOfPartitions in UdfDxe/FileSystemOperations.c [fedora-all]
00 #1683653 CVE-2018-3630 ovmf: Logic error in FV parsing in MdeModulePkg\Core\Pei\FwVol\FwVol.c
00 #1683654 CVE-2018-3630 edk2: ovmf: Logic error in FV parsing in MdeModulePkg\Core\Pei\FwVol\FwVol.c [fedora-all]
00 #1686783 CVE-2018-12181 edk2: Stack buffer overflow with corrupted BMP
00 #1686784 CVE-2018-12181 edk2: Stack buffer overflow with corrupted BMP [fedora-all]
0+1 #1689633 dnf error Package edk2-ovmf of higher version already installed, cannot update it when upgrading to edk2-ovmf-201903stable-1.fc29

Automated Test Results