Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found 8 articles for you...
98
security advisorymoderateRed HatRed Hat 9 RHSA-2023:2487-01 Moderate: fwupd Security Patch
An update for fwupd is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Moderate: fwupd security and bug fix update Advisory ID: RHSA-2023:2487-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2023:2487 Issue date: 2023-05-09 CVE Names: CVE-2022-3287 CVE-2022-34301 CVE-2022-34302 CVE-2022-34303 ==================================================================== 1. Summary: An update for fwupd is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux AppStream (v. 9) - aarch64, ppc64le, x86_64 Red Hat Enterprise Linux BaseOS (v. 9) - aarch64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux CRB (v. 9) - aarch64, ppc64le, s390x, x86_64 3. Description: The fwupd packages provide a service that allows session software to update device firmware. Security Fix(es): * fwupd: world readable password in /etc/fwupd/redfish.conf (CVE-2022-3287) * shim: 3rd party shim allow secure boot bypass (CVE-2022-34301) * shim: 3rd party shim allow secure boot bypass (CVE-2022-34302) * shim: 3rd party shim allow secure boot bypass (CVE-2022-34303) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in theReferences section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 9.2 Release Notes linked from the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 2119436 - EFI partition configured as FAT16 instead of 32 2120687 - CVE-2022-34302 shim: 3rd party shim allow secure boot bypass 2120699 - CVE-2022-34301 shim: 3rd party shim allow secure boot bypass 2120701 - CVE-2022-34303 shim: 3rd party shim allow secure boot bypass 2128384 - fwupd fails to apply Secure Boot dbx update on systems 2129280 - CVE-2022-3287 fwupd: world readable password in /etc/fwupd/redfish.conf [rhel-9.2.0] 2129904 - CVE-2022-3287 fwupd: world readable password in /etc/fwupd/redfish.conf 2165096 - Rebase fwupd to pick up all the ESP fixes 6. Package List: Red Hat Enterprise Linux AppStream (v. 9): aarch64: fwupd-debuginfo-1.8.10-2.el9.aarch64.rpm fwupd-debugsource-1.8.10-2.el9.aarch64.rpm fwupd-plugin-flashrom-1.8.10-2.el9.aarch64.rpm fwupd-plugin-flashrom-debuginfo-1.8.10-2.el9.aarch64.rpm fwupd-tests-debuginfo-1.8.10-2.el9.aarch64.rpm ppc64le: fwupd-debuginfo-1.8.10-2.el9.ppc64le.rpm fwupd-debugsource-1.8.10-2.el9.ppc64le.rpm fwupd-plugin-flashrom-1.8.10-2.el9.ppc64le.rpm fwupd-plugin-flashrom-debuginfo-1.8.10-2.el9.ppc64le.rpm x86_64: fwupd-debuginfo-1.8.10-2.el9.x86_64.rpm fwupd-debugsource-1.8.10-2.el9.x86_64.rpm fwupd-plugin-flashrom-1.8.10-2.el9.x86_64.rpm fwupd-plugin-flashrom-debuginfo-1.8.10-2.el9.x86_64.rpm fwupd-tests-debuginfo-1.8.10-2.el9.x86_64.rpm Red Hat Enterprise Linux BaseOS (v.9): Source: fwupd-1.8.10-2.el9.src.rpm aarch64: fwupd-1.8.10-2.el9.aarch64.rpm fwupd-debuginfo-1.8.10-2.el9.aarch64.rpm fwupd-debugsource-1.8.10-2.el9.aarch64.rpm fwupd-plugin-flashrom-debuginfo-1.8.10-2.el9.aarch64.rpm fwupd-tests-debuginfo-1.8.10-2.el9.aarch64.rpm ppc64le: fwupd-1.8.10-2.el9.ppc64le.rpm fwupd-debuginfo-1.8.10-2.el9.ppc64le.rpm fwupd-debugsource-1.8.10-2.el9.ppc64le.rpm fwupd-plugin-flashrom-debuginfo-1.8.10-2.el9.ppc64le.rpm s390x: fwupd-1.8.10-2.el9.s390x.rpm fwupd-debuginfo-1.8.10-2.el9.s390x.rpm fwupd-debugsource-1.8.10-2.el9.s390x.rpm fwupd-tests-debuginfo-1.8.10-2.el9.s390x.rpm x86_64: fwupd-1.8.10-2.el9.x86_64.rpm fwupd-debuginfo-1.8.10-2.el9.x86_64.rpm fwupd-debugsource-1.8.10-2.el9.x86_64.rpm fwupd-plugin-flashrom-debuginfo-1.8.10-2.el9.x86_64.rpm fwupd-tests-debuginfo-1.8.10-2.el9.x86_64.rpm Red Hat Enterprise Linux CRB (v. 9): aarch64: fwupd-debuginfo-1.8.10-2.el9.aarch64.rpm fwupd-debugsource-1.8.10-2.el9.aarch64.rpm fwupd-devel-1.8.10-2.el9.aarch64.rpm fwupd-plugin-flashrom-debuginfo-1.8.10-2.el9.aarch64.rpm fwupd-tests-debuginfo-1.8.10-2.el9.aarch64.rpm ppc64le: fwupd-debuginfo-1.8.10-2.el9.ppc64le.rpm fwupd-debugsource-1.8.10-2.el9.ppc64le.rpm fwupd-devel-1.8.10-2.el9.ppc64le.rpm fwupd-plugin-flashrom-debuginfo-1.8.10-2.el9.ppc64le.rpm s390x: fwupd-debuginfo-1.8.10-2.el9.s390x.rpm fwupd-debugsource-1.8.10-2.el9.s390x.rpm fwupd-devel-1.8.10-2.el9.s390x.rpm fwupd-tests-debuginfo-1.8.10-2.el9.s390x.rpm x86_64: fwupd-debuginfo-1.8.10-2.el9.x86_64.rpm fwupd-debugsource-1.8.10-2.el9.x86_64.rpm fwupd-devel-1.8.10-2.el9.x86_64.rpm fwupd-plugin-flashrom-debuginfo-1.8.10-2.el9.x86_64.rpm fwupd-tests-debuginfo-1.8.10-2.el9.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7.References: https://access.redhat.com/security/cve/CVE-2022-3287 https://access.redhat.com/security/cve/CVE-2022-34301 https://access.redhat.com/security/cve/CVE-2022-34302 https://access.redhat.com/security/cve/CVE-2022-34303 https://access.redhat.com/security/updates/classification/#moderate https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/9.2_release_notes/index 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2023 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBZFo0dNzjgjWX9erEAQh8EQ/+JbcPzDaBebMgTxNRQCsD/7c1RbQDoeXd zA9quSGHHcgjp8W97VVPB1CpQsoR9SntK6vjU8KQPXVh3wNlyZ0DcU5jKOmgjYu6 YaVN8rBQght4NyMnnhO1pT9Fi6uVGeV6w7ctQmRMRnaUI/Y87HTEc7m9OtliLfLA 3FvHqOOMz4j3ZbXzg+8kuxQQgQk1SSniL1iHAKNoQrkwWcLZFEnW3aQv0rVTpM2M GJ+3hoSwp0YsJSQfFT6GdMFc8lgBzIXBAkyzOSAWTnf0Ncu//mAYiAQPqqwqdtWb znx3uk0M/+OSOgv5ehZWqjpuB0Eifp2Yt/MbAfH5t3I4O4vmMf8TcPihSAPt6IHj D/+eSqD5EXK5Z0JTkAQhepaE45bZU6dWkOgFyPYiLQZQg+mua0lr7NL9fVQ1Om1l +9Pq4gh0274ry7hvenAl3HJ5s2VScfXMpSwrEvFAsDD1sWin5NjsbL/Ol1YNVMKs x3MBrOssEBOnb5shFkJCAbrL8sh8jpMF7r11K8VWDPzL2fpdwppgc3roCvy53YX0 3Xnp5s3Y1hx1uyDl8DmDX51pPNMRZr1SMwjOT4z5penvP8mqkX53AvigzJHv8rEx +VX2h9MK/MXknp9Imx4b7/iKtDDpUY+J8RfPfY/+1jwNpSuFR037rOk6Rt1QH2wG zJLSv/Ta7aY=b1nW -----END PGP SIGNATURE----- -- RHSA-announce mailing list
May 09, 2023
Red Hat
100
security advisoryupdateimportantSUSE 15-SP2: 2022:2345-1 Critical: fwupd Boot Security Issue
An update that contains security fixes can now be installed. . SUSE Security Update: Security update for fwupd ______________________________________________________________________________ Announcement ID: SUSE-SU-2022:2345-1 Rating: important References: #1198581 Affected Products: SUSE Enterprise Storage 7 SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS SUSE Linux Enterprise Server 15-SP2-BCL SUSE Linux Enterprise Server 15-SP2-LTSS SUSE Linux Enterprise Server for SAP 15-SP2 SUSE Manager Proxy 4.1 SUSE Manager Retail Branch Server 4.1 SUSE Manager Server 4.1 ______________________________________________________________________________ An update that contains security fixes can now be installed. Description: This update of fwupd fixes the following issue: - rebuild with new secure boot key due to grub2 boothole 3 issues (bsc#1198581) Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Manager Server 4.1: zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.1-2022-2345=1 - SUSE Manager Retail Branch Server 4.1: zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.1-2022-2345=1 - SUSE Manager Proxy 4.1: zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.1-2022-2345=1 - SUSE Linux Enterprise Server for SAP 15-SP2: zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2022-2345=1 - SUSE Linux Enterprise Server 15-SP2-LTSS: zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2022-2345=1 - SUSE Linux Enterprise Server 15-SP2-BCL: zypper in -t patchSUSE-SLE-Product-SLES-15-SP2-BCL-2022-2345=1 - SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS: zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2022-2345=1 - SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS: zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-ESPOS-2022-2345=1 - SUSE Enterprise Storage 7: zypper in -t patch SUSE-Storage-7-2022-2345=1 Package List: - SUSE Manager Server 4.1 (ppc64le s390x x86_64): fwupd-1.2.14-150200.5.10.1 fwupd-debuginfo-1.2.14-150200.5.10.1 fwupd-debugsource-1.2.14-150200.5.10.1 fwupd-devel-1.2.14-150200.5.10.1 libfwupd2-1.2.14-150200.5.10.1 libfwupd2-debuginfo-1.2.14-150200.5.10.1 typelib-1_0-Fwupd-2_0-1.2.14-150200.5.10.1 - SUSE Manager Server 4.1 (noarch): fwupd-lang-1.2.14-150200.5.10.1 - SUSE Manager Retail Branch Server 4.1 (noarch): fwupd-lang-1.2.14-150200.5.10.1 - SUSE Manager Retail Branch Server 4.1 (x86_64): fwupd-1.2.14-150200.5.10.1 fwupd-debuginfo-1.2.14-150200.5.10.1 fwupd-debugsource-1.2.14-150200.5.10.1 fwupd-devel-1.2.14-150200.5.10.1 libfwupd2-1.2.14-150200.5.10.1 libfwupd2-debuginfo-1.2.14-150200.5.10.1 typelib-1_0-Fwupd-2_0-1.2.14-150200.5.10.1 - SUSE Manager Proxy 4.1 (x86_64): fwupd-1.2.14-150200.5.10.1 fwupd-debuginfo-1.2.14-150200.5.10.1 fwupd-debugsource-1.2.14-150200.5.10.1 fwupd-devel-1.2.14-150200.5.10.1 libfwupd2-1.2.14-150200.5.10.1 libfwupd2-debuginfo-1.2.14-150200.5.10.1 typelib-1_0-Fwupd-2_0-1.2.14-150200.5.10.1 - SUSE Manager Proxy 4.1 (noarch): fwupd-lang-1.2.14-150200.5.10.1 - SUSE Linux Enterprise Server for SAP 15-SP2 (ppc64le x86_64): fwupd-1.2.14-150200.5.10.1 fwupd-debuginfo-1.2.14-150200.5.10.1 fwupd-debugsource-1.2.14-150200.5.10.1 fwupd-devel-1.2.14-150200.5.10.1 libfwupd2-1.2.14-150200.5.10.1 libfwupd2-debuginfo-1.2.14-150200.5.10.1 typelib-1_0-Fwupd-2_0-1.2.14-150200.5.10.1 - SUSE Linux Enterprise Server for SAP 15-SP2 (noarch): fwupd-lang-1.2.14-150200.5.10.1 - SUSE Linux Enterprise Server 15-SP2-LTSS (aarch64 ppc64le s390x x86_64): fwupd-1.2.14-150200.5.10.1 fwupd-debuginfo-1.2.14-150200.5.10.1 fwupd-debugsource-1.2.14-150200.5.10.1 fwupd-devel-1.2.14-150200.5.10.1 libfwupd2-1.2.14-150200.5.10.1 libfwupd2-debuginfo-1.2.14-150200.5.10.1 typelib-1_0-Fwupd-2_0-1.2.14-150200.5.10.1 - SUSE Linux Enterprise Server 15-SP2-LTSS (noarch): fwupd-lang-1.2.14-150200.5.10.1 - SUSE Linux Enterprise Server 15-SP2-BCL (noarch): fwupd-lang-1.2.14-150200.5.10.1 - SUSE Linux Enterprise Server 15-SP2-BCL (x86_64): fwupd-1.2.14-150200.5.10.1 fwupd-debuginfo-1.2.14-150200.5.10.1 fwupd-debugsource-1.2.14-150200.5.10.1 fwupd-devel-1.2.14-150200.5.10.1 libfwupd2-1.2.14-150200.5.10.1 libfwupd2-debuginfo-1.2.14-150200.5.10.1 typelib-1_0-Fwupd-2_0-1.2.14-150200.5.10.1 - SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (aarch64 x86_64): fwupd-1.2.14-150200.5.10.1 fwupd-debuginfo-1.2.14-150200.5.10.1 fwupd-debugsource-1.2.14-150200.5.10.1 fwupd-devel-1.2.14-150200.5.10.1 libfwupd2-1.2.14-150200.5.10.1 libfwupd2-debuginfo-1.2.14-150200.5.10.1 typelib-1_0-Fwupd-2_0-1.2.14-150200.5.10.1 - SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (noarch): fwupd-lang-1.2.14-150200.5.10.1 - SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (aarch64 x86_64): fwupd-1.2.14-150200.5.10.1 fwupd-debuginfo-1.2.14-150200.5.10.1 fwupd-debugsource-1.2.14-150200.5.10.1 fwupd-devel-1.2.14-150200.5.10.1 libfwupd2-1.2.14-150200.5.10.1 libfwupd2-debuginfo-1.2.14-150200.5.10.1 typelib-1_0-Fwupd-2_0-1.2.14-150200.5.10.1 - SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (noarch): fwupd-lang-1.2.14-150200.5.10.1 - SUSE Enterprise Storage 7 (aarch64 x86_64): fwupd-1.2.14-150200.5.10.1 fwupd-debuginfo-1.2.14-150200.5.10.1 fwupd-debugsource-1.2.14-150200.5.10.1 fwupd-devel-1.2.14-150200.5.10.1 libfwupd2-1.2.14-150200.5.10.1 libfwupd2-debuginfo-1.2.14-150200.5.10.1 typelib-1_0-Fwupd-2_0-1.2.14-150200.5.10.1 - SUSE Enterprise Storage 7 (noarch): fwupd-lang-1.2.14-150200.5.10.1 References: https://bugzilla.suse.com/1198581 . SUSE has released a security patch for fwupd to resolve critical startup problems. Comprehensive guidelines for the installation process are provided.. SUSE Security Update, fwupd Update, Linux Boot Security, Software Patch. . Severity: Important. LinuxSecurity.com Team
Jul 08, 2022
•Important
SuSE
100
security advisorysecurity updateimportantSUSE: 2022:2322-1 Critical Update for fwupd Boot Security Issues
An update that contains security fixes can now be installed. . SUSE Security Update: Security update for fwupd ______________________________________________________________________________ Announcement ID: SUSE-SU-2022:2322-1 Rating: important References: #1198581 Affected Products: SUSE Linux Enterprise Desktop 15-SP3 SUSE Linux Enterprise Desktop 15-SP4 SUSE Linux Enterprise High Performance Computing 15-SP3 SUSE Linux Enterprise High Performance Computing 15-SP4 SUSE Linux Enterprise Module for Desktop Applications 15-SP3 SUSE Linux Enterprise Module for Desktop Applications 15-SP4 SUSE Linux Enterprise Server 15-SP3 SUSE Linux Enterprise Server 15-SP4 SUSE Linux Enterprise Server for SAP Applications 15-SP3 SUSE Linux Enterprise Server for SAP Applications 15-SP4 SUSE Linux Enterprise Storage 7.1 SUSE Manager Proxy 4.2 SUSE Manager Proxy 4.3 SUSE Manager Retail Branch Server 4.2 SUSE Manager Retail Branch Server 4.3 SUSE Manager Server 4.2 SUSE Manager Server 4.3 openSUSE Leap 15.3 openSUSE Leap 15.4 ______________________________________________________________________________ An update that contains security fixes can now be installed. Description: This update of fwupd fixes the following issue: - rebuild with new secure boot key due to grub2 boothole 3 issues (bsc#1198581) Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 15.4: zypper in -t patch openSUSE-SLE-15.4-2022-2322=1 -openSUSE Leap 15.3: zypper in -t patch openSUSE-SLE-15.3-2022-2322=1 - SUSE Linux Enterprise Module for Desktop Applications 15-SP4: zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP4-2022-2322=1 - SUSE Linux Enterprise Module for Desktop Applications 15-SP3: zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP3-2022-2322=1 Package List: - openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64): fwupdtpmevlog-1.5.8-150300.3.5.1 fwupdtpmevlog-debuginfo-1.5.8-150300.3.5.1 libfwupdplugin1-1.5.8-150300.3.5.1 libfwupdplugin1-debuginfo-1.5.8-150300.3.5.1 - openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64): dfu-tool-1.5.8-150300.3.5.1 dfu-tool-debuginfo-1.5.8-150300.3.5.1 fwupd-1.5.8-150300.3.5.1 fwupd-debuginfo-1.5.8-150300.3.5.1 fwupd-debugsource-1.5.8-150300.3.5.1 fwupd-devel-1.5.8-150300.3.5.1 fwupdtpmevlog-1.5.8-150300.3.5.1 fwupdtpmevlog-debuginfo-1.5.8-150300.3.5.1 libfwupd2-1.5.8-150300.3.5.1 libfwupd2-debuginfo-1.5.8-150300.3.5.1 libfwupdplugin1-1.5.8-150300.3.5.1 libfwupdplugin1-debuginfo-1.5.8-150300.3.5.1 typelib-1_0-Fwupd-2_0-1.5.8-150300.3.5.1 typelib-1_0-FwupdPlugin-1_0-1.5.8-150300.3.5.1 - openSUSE Leap 15.3 (noarch): fwupd-lang-1.5.8-150300.3.5.1 - SUSE Linux Enterprise Module for Desktop Applications 15-SP4 (aarch64 ppc64le s390x x86_64): fwupd-debuginfo-1.5.8-150300.3.5.1 fwupd-debugsource-1.5.8-150300.3.5.1 fwupdtpmevlog-1.5.8-150300.3.5.1 fwupdtpmevlog-debuginfo-1.5.8-150300.3.5.1 libfwupdplugin1-1.5.8-150300.3.5.1 libfwupdplugin1-debuginfo-1.5.8-150300.3.5.1 - SUSE Linux Enterprise Module for Desktop Applications 15-SP3 (aarch64 ppc64le s390x x86_64): fwupd-1.5.8-150300.3.5.1 fwupd-debuginfo-1.5.8-150300.3.5.1 fwupd-debugsource-1.5.8-150300.3.5.1 fwupd-devel-1.5.8-150300.3.5.1 fwupdtpmevlog-1.5.8-150300.3.5.1 fwupdtpmevlog-debuginfo-1.5.8-150300.3.5.1 libfwupd2-1.5.8-150300.3.5.1 libfwupd2-debuginfo-1.5.8-150300.3.5.1 libfwupdplugin1-1.5.8-150300.3.5.1 libfwupdplugin1-debuginfo-1.5.8-150300.3.5.1 typelib-1_0-Fwupd-2_0-1.5.8-150300.3.5.1 typelib-1_0-FwupdPlugin-1_0-1.5.8-150300.3.5.1 - SUSE Linux Enterprise Module for Desktop Applications 15-SP3 (noarch): fwupd-lang-1.5.8-150300.3.5.1 References: https://bugzilla.suse.com/1198581 . SUSE has released a critical security update for fwupd, which includes essential patches and detailed installation instructions for users.. SUSE Linux Update, fwupd Security Fix, Important Security Patch. . Severity: Important. LinuxSecurity.com Team
Jul 07, 2022
•Important
SuSE
98
security advisorysecurity issueRed Hat Enterprise LinuxRed Hat Enterprise Linux: RHSA-2021-3675-01 Moderate: Shim Security Issue
An update for fwupd, shim, shim-unsigned-aarch64, and shim-unsigned-x64 is now available for Red Hat Enterprise Linux 8.1 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Moderate: shim and fwupd security update Advisory ID: RHSA-2021:3675-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2021:3675 Issue date: 2021-09-28 CVE Names: CVE-2020-14372 CVE-2020-25632 CVE-2020-25647 CVE-2020-27749 CVE-2020-27779 CVE-2021-20225 CVE-2021-20233 ==================================================================== 1. Summary: An update for fwupd, shim, shim-unsigned-aarch64, and shim-unsigned-x64 is now available for Red Hat Enterprise Linux 8.1 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat CodeReady Linux Builder EUS (v. 8.1) - aarch64, x86_64 Red Hat Enterprise Linux BaseOS EUS (v. 8.1) - aarch64, ppc64le, s390x, x86_64 3. Description: The shim package contains a first-stage UEFI boot loader that handles chaining to a trusted full boot loader under secure boot environments. The fwupd packages provide a service that allows session software to update device firmware. The following packages have been upgraded to a later upstream version: shim (15.4). (BZ#1932410) Security Fix(es): * grub2: acpi command allows privileged user to load crafted ACPI tables when Secure Boot is enabled (CVE-2020-14372) * grub2:Use-after-free in rmmod command (CVE-2020-25632) * grub2: Out-of-bounds write in grub_usb_device_initialize() (CVE-2020-25647) * grub2: Stack buffer overflow in grub_parser_split_cmdline() (CVE-2020-27749) * grub2: cutmem command allows privileged user to remove memory regions when Secure Boot is enabled (CVE-2020-27779) * grub2: Heap out-of-bounds write in short form option parser (CVE-2021-20225) * grub2: Heap out-of-bounds write due to miscalculation of space required for quoting (CVE-2021-20233) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1873150 - CVE-2020-14372 grub2: acpi command allows privileged user to load crafted ACPI tables when Secure Boot is enabled 1879577 - CVE-2020-25632 grub2: Use-after-free in rmmod command 1886936 - CVE-2020-25647 grub2: Out-of-bounds write in grub_usb_device_initialize() 1899966 - CVE-2020-27749 grub2: Stack buffer overflow in grub_parser_split_cmdline() 1900698 - CVE-2020-27779 grub2: cutmem command allows privileged user to remove memory regions when Secure Boot is enabled 1924696 - CVE-2021-20225 grub2: Heap out-of-bounds write in short form option parser 1926263 - CVE-2021-20233 grub2: Heap out-of-bounds write due to miscalculation of space required for quoting 6. Package List: Red Hat Enterprise Linux BaseOS EUS (v.8.1): Source: fwupd-1.1.4-4.el8_1.src.rpm shim-15.4-2.el8_1.src.rpm aarch64: fwupd-1.1.4-4.el8_1.aarch64.rpm fwupd-debuginfo-1.1.4-4.el8_1.aarch64.rpm fwupd-debugsource-1.1.4-4.el8_1.aarch64.rpm shim-aa64-15.4-2.el8_1.aarch64.rpm ppc64le: fwupd-1.1.4-4.el8_1.ppc64le.rpm fwupd-debuginfo-1.1.4-4.el8_1.ppc64le.rpm fwupd-debugsource-1.1.4-4.el8_1.ppc64le.rpm s390x: fwupd-1.1.4-4.el8_1.s390x.rpm fwupd-debuginfo-1.1.4-4.el8_1.s390x.rpm fwupd-debugsource-1.1.4-4.el8_1.s390x.rpm x86_64: fwupd-1.1.4-4.el8_1.x86_64.rpm fwupd-debuginfo-1.1.4-4.el8_1.x86_64.rpm fwupd-debugsource-1.1.4-4.el8_1.x86_64.rpm shim-ia32-15.4-2.el8_1.x86_64.rpm shim-x64-15.4-2.el8_1.x86_64.rpm Red Hat CodeReady Linux Builder EUS (v. 8.1): Source: shim-unsigned-aarch64-15-7.el8_1.src.rpm shim-unsigned-x64-15.4-4.el8_1.src.rpm aarch64: shim-unsigned-aarch64-15-7.el8_1.aarch64.rpm x86_64: shim-unsigned-x64-15.4-4.el8_1.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key 7. References: https://access.redhat.com/security/cve/CVE-2020-14372 https://access.redhat.com/security/cve/CVE-2020-25632 https://access.redhat.com/security/cve/CVE-2020-25647 https://access.redhat.com/security/cve/CVE-2020-27749 https://access.redhat.com/security/cve/CVE-2020-27779 https://access.redhat.com/security/cve/CVE-2021-20225 https://access.redhat.com/security/cve/CVE-2021-20233 https://access.redhat.com/security/updates/classification#moderate https://access.redhat.com/security/vulnerabilities/RHSB-2021-003 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact Copyright 2021 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPGv1 iQIVAwUBYVMoXNzjgjWX9erEAQhsGQ/+IXv7ouaquc1VJd6BSCD53UUNjV/pzck7 7wqvfvz4gIpMbgPH/yBMsiJeBRzl+5VlaERYp0S8o35npwokQO7TQP8+CVEi/yCy yq32XWSPquUYo7HPRJaxU9lIQmH7aq6uM/FM4/NA+Bgxo55Pidr6JNwo1hQXUCxp V4GptlYCbaSpBG3yADRxY4ALaxtSnSGH/V9iZvzOS/4d6ma8y+lbOAZHylOE99LK WLJRq/L+BmmTLLvHMwZkjmkQkNX44bADHwP4Tc2eeeaW3IUglUfl64k0Hb69tt7q Ny3xevJobRQGxfc5U59+qgAMlFTR6nldnivFxusWzzLxVQKjFDxUoxj5R0m+LQrI 4jQph1UAHgKyya791R7aNMQtsYs1Dqwio1prbktqy+QPganCagnddWMbytN3lM7o q2+2Q1NT7yB01CnMeBM94Xn3TS4TAUmfhZLJfDvMesjjFX+RrBs1L4JkHl7iXsTq TDH8QNA+q94Xk+8CjHALszzLh3+LdkvoHVN0BWZTT8ElQ8ZNy0dQd+gEZh4F3DSa 4DzCklBeQNmJMuLkbbsaTYphMR5l8m5S0bIOqXMUMaiIpmXflS14x+xnyhyCzyXl YV+V/dUbTbS8ou5/xEZaJ/mArPMrYF8Nb8vJ7tsh0XtH3XTdZPFf6hCSd86V51Fp Pkc98lCNM88=+0q2 -----END PGP SIGNATURE----- -- RHSA-announce mailing list
Sep 28, 2021
Red Hat
98
security advisoryRed Hat Enterprise Linuxsecurity impactRed Hat 8.2: RHSA-2021-2790-01 Moderate: Shim and Fwupd Security Update
An update for fwupd, shim, shim-unsigned-aarch64, and shim-unsigned-x64 is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Moderate: shim and fwupd security update Advisory ID: RHSA-2021:2790-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2021:2790 Issue date: 2021-07-20 CVE Names: CVE-2020-14372 CVE-2020-25632 CVE-2020-25647 CVE-2020-27749 CVE-2020-27779 CVE-2021-20225 CVE-2021-20233 ==================================================================== 1. Summary: An update for fwupd, shim, shim-unsigned-aarch64, and shim-unsigned-x64 is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat CodeReady Linux Builder EUS (v. 8.2) - aarch64, x86_64 Red Hat Enterprise Linux BaseOS EUS (v. 8.2) - aarch64, ppc64le, s390x, x86_64 3. Description: The shim package contains a first-stage UEFI boot loader that handles chaining to a trusted full boot loader under secure boot environments. The fwupd packages provide a service that allows session software to update device firmware. The following packages have been upgraded to a later upstream version: shim (15.4). (BZ#1932411) Security Fix(es): * grub2: acpi command allows privileged user to load crafted ACPI tables when Secure Boot is enabled (CVE-2020-14372) * grub2:Use-after-free in rmmod command (CVE-2020-25632) * grub2: Out-of-bounds write in grub_usb_device_initialize() (CVE-2020-25647) * grub2: Stack buffer overflow in grub_parser_split_cmdline() (CVE-2020-27749) * grub2: cutmem command allows privileged user to remove memory regions when Secure Boot is enabled (CVE-2020-27779) * grub2: Heap out-of-bounds write in short form option parser (CVE-2021-20225) * grub2: Heap out-of-bounds write due to miscalculation of space required for quoting (CVE-2021-20233) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1873150 - CVE-2020-14372 grub2: acpi command allows privileged user to load crafted ACPI tables when Secure Boot is enabled 1879577 - CVE-2020-25632 grub2: Use-after-free in rmmod command 1886936 - CVE-2020-25647 grub2: Out-of-bounds write in grub_usb_device_initialize() 1899966 - CVE-2020-27749 grub2: Stack buffer overflow in grub_parser_split_cmdline() 1900698 - CVE-2020-27779 grub2: cutmem command allows privileged user to remove memory regions when Secure Boot is enabled 1924696 - CVE-2021-20225 grub2: Heap out-of-bounds write in short form option parser 1926263 - CVE-2021-20233 grub2: Heap out-of-bounds write due to miscalculation of space required for quoting 6. Package List: Red Hat Enterprise Linux BaseOS EUS (v.8.2): Source: fwupd-1.1.4-9.el8_2.src.rpm shim-15.4-2.el8_1.src.rpm aarch64: fwupd-1.1.4-9.el8_2.aarch64.rpm fwupd-debuginfo-1.1.4-9.el8_2.aarch64.rpm fwupd-debugsource-1.1.4-9.el8_2.aarch64.rpm shim-aa64-15.4-2.el8_1.aarch64.rpm ppc64le: fwupd-1.1.4-9.el8_2.ppc64le.rpm fwupd-debuginfo-1.1.4-9.el8_2.ppc64le.rpm fwupd-debugsource-1.1.4-9.el8_2.ppc64le.rpm s390x: fwupd-1.1.4-9.el8_2.s390x.rpm fwupd-debuginfo-1.1.4-9.el8_2.s390x.rpm fwupd-debugsource-1.1.4-9.el8_2.s390x.rpm x86_64: fwupd-1.1.4-9.el8_2.x86_64.rpm fwupd-debuginfo-1.1.4-9.el8_2.x86_64.rpm fwupd-debugsource-1.1.4-9.el8_2.x86_64.rpm shim-ia32-15.4-2.el8_1.x86_64.rpm shim-x64-15.4-2.el8_1.x86_64.rpm Red Hat CodeReady Linux Builder EUS (v. 8.2): Source: shim-unsigned-aarch64-15-7.el8_1.src.rpm shim-unsigned-x64-15.4-4.el8_1.src.rpm aarch64: shim-unsigned-aarch64-15-7.el8_1.aarch64.rpm x86_64: shim-unsigned-x64-15.4-4.el8_1.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key 7. References: https://access.redhat.com/security/cve/CVE-2020-14372 https://access.redhat.com/security/cve/CVE-2020-25632 https://access.redhat.com/security/cve/CVE-2020-25647 https://access.redhat.com/security/cve/CVE-2020-27749 https://access.redhat.com/security/cve/CVE-2020-27779 https://access.redhat.com/security/cve/CVE-2021-20225 https://access.redhat.com/security/cve/CVE-2021-20233 https://access.redhat.com/security/updates/classification#moderate https://access.redhat.com/security/vulnerabilities/RHSB-2021-003 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact Copyright 2021 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPGv1 iQIVAwUBYPdKe9zjgjWX9erEAQia/Q/+OF5AfNo/I3l3OsE9kBgmxqXoTANkbpkv rLUizj+khr3q8QQKOvkeS7QrsnRpaUthnHhwu95oYZoJl0lbEVh6k3atkIxI9qsR Ppt5cL7O3BpG9VvnHfUbti9kDl/3WCoywKio5m+aq670FVK4RI4DqYthnVSKlJPP yeyDiBYz+HsqG/hvRrxCv70fVHA+BCGeCM1qaJozqhl18kaSY1KU0K/QJQ7cEMBY G8Px2EVYJE5vc+PQWldkvfskHfJKuC4xEf0A7xNB6eBi/HMMXuvnnvxg02Tvq22m 2SrboHq7OHzvP/wORoU2y7ZvHf/JkXj0vB827h1X/09rjQMc5HcJVT6/14ja+hBd HZQpiVe/+hqWufinfGCBC4Y//dGDDJ/fqMXWvSavJm6PPVqRuXfk5TaaJSx/nShb tJ1i9pjbAqCJbY5RMgNLoul13AINEPOcd+A/fCebpMiDMHts1hbVtiifENbweZTX 1vnP+bpgrKxrU6u/RYg88AeNp+Lga++jnykxK6kb5AP2hUjoy4kMaj380DOQZRvD lOppjgnBGSolfZLt3vdprJgeMGbsh1FiFDt3ls7asO800yZrsCJpAw7byznTPasP U+li7OLKM6F4oP+8G2j3EDE1+BteA9OAUGI0phvLXu0C+zpg7R3cJfCVeTLjC3Qd NSoKps/AMhI=jbDg -----END PGP SIGNATURE----- -- RHSA-announce mailing list
Jul 20, 2021
Red Hat
98
security advisoryRed Hatmoderate threatRedHat: RHSA-2021:2566-01 Moderate: fwupd Security Update
An update for fwupd is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Moderate: fwupd security update Advisory ID: RHSA-2021:2566-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2021:2566 Issue date: 2021-06-29 CVE Names: CVE-2020-14372 CVE-2020-25632 CVE-2020-25647 CVE-2020-27749 CVE-2020-27779 CVE-2021-20225 CVE-2021-20233 ==================================================================== 1. Summary: An update for fwupd is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux BaseOS (v. 8) - aarch64, ppc64le, s390x, x86_64 3. Description: The fwupd packages provide a service that allows session software to update device firmware. Security Fix(es): * grub2: acpi command allows privileged user to load crafted ACPI tables when Secure Boot is enabled (CVE-2020-14372) * grub2: Use-after-free in rmmod command (CVE-2020-25632) * grub2: Out-of-bounds write in grub_usb_device_initialize() (CVE-2020-25647) * grub2: Stack buffer overflow in grub_parser_split_cmdline() (CVE-2020-27749) * grub2: cutmem command allows privileged user to remove memory regions when Secure Boot is enabled (CVE-2020-27779) * grub2: Heap out-of-bounds write in short form optionparser (CVE-2021-20225) * grub2: Heap out-of-bounds write due to miscalculation of space required for quoting (CVE-2021-20233) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1873150 - CVE-2020-14372 grub2: acpi command allows privileged user to load crafted ACPI tables when Secure Boot is enabled 1879577 - CVE-2020-25632 grub2: Use-after-free in rmmod command 1886936 - CVE-2020-25647 grub2: Out-of-bounds write in grub_usb_device_initialize() 1899966 - CVE-2020-27749 grub2: Stack buffer overflow in grub_parser_split_cmdline() 1900698 - CVE-2020-27779 grub2: cutmem command allows privileged user to remove memory regions when Secure Boot is enabled 1924696 - CVE-2021-20225 grub2: Heap out-of-bounds write in short form option parser 1926263 - CVE-2021-20233 grub2: Heap out-of-bounds write due to miscalculation of space required for quoting 6. Package List: Red Hat Enterprise Linux BaseOS (v. 8): Source: fwupd-1.5.9-1.el8_4.src.rpm aarch64: fwupd-1.5.9-1.el8_4.aarch64.rpm fwupd-debuginfo-1.5.9-1.el8_4.aarch64.rpm fwupd-debugsource-1.5.9-1.el8_4.aarch64.rpm fwupd-tests-debuginfo-1.5.9-1.el8_4.aarch64.rpm ppc64le: fwupd-1.5.9-1.el8_4.ppc64le.rpm fwupd-debuginfo-1.5.9-1.el8_4.ppc64le.rpm fwupd-debugsource-1.5.9-1.el8_4.ppc64le.rpm s390x: fwupd-1.5.9-1.el8_4.s390x.rpm fwupd-debuginfo-1.5.9-1.el8_4.s390x.rpm fwupd-debugsource-1.5.9-1.el8_4.s390x.rpm fwupd-tests-debuginfo-1.5.9-1.el8_4.s390x.rpm x86_64: fwupd-1.5.9-1.el8_4.x86_64.rpm fwupd-debuginfo-1.5.9-1.el8_4.x86_64.rpm fwupd-debugsource-1.5.9-1.el8_4.x86_64.rpm fwupd-tests-debuginfo-1.5.9-1.el8_4.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signatureare available from https://access.redhat.com/security/team/key 7. References: https://access.redhat.com/security/cve/CVE-2020-14372 https://access.redhat.com/security/cve/CVE-2020-25632 https://access.redhat.com/security/cve/CVE-2020-25647 https://access.redhat.com/security/cve/CVE-2020-27749 https://access.redhat.com/security/cve/CVE-2020-27779 https://access.redhat.com/security/cve/CVE-2021-20225 https://access.redhat.com/security/cve/CVE-2021-20233 https://access.redhat.com/security/updates/classification#moderate https://access.redhat.com/security/vulnerabilities/RHSB-2021-003 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact Copyright 2021 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBYNtMGdzjgjWX9erEAQhFURAAj7V2Ey5EAas6E3xU1Gji7Peci9WBl/Zz 1zl9ywqDOYiQU9BGMBTIdlitpPcsQhmzOSBhH11gFltPDAp8bCWx3b8zYpuX4szi K/3xKdSSdPsFkXrNtWl8fT0kzEJ7Gmggbidkk5j2P5KrWFPKAOVn3oVvtHSd94LM E9eFm69DGSn3omLeHdX68H+whkaCTXDwuMGp+UqrsjabO20UG7xt+p+C4pYDcHA1 cxYmhqxub1OgKoS9621KTW6F4A0rzEZBS3tCgcyUbRdG1Wt/tACBWq/MCX0bJeIV lvRZzhRUWbuNfO87ci9KAJNdHoPevm9SBPGAu1KR5o+6TUXOjrRzMFj+YMj9/vGF SKdMH8chGJzFwSoiGmR2yhmhJX6kXA3s6yClgt+jXzuJroptclksF5mgDJPF7bju quXApBHavoe8aA8BW1jkoeNBxKRIfyPnFFsSlfVU4Uxr2AmVeFB9xutzdrwzON54 x2aUKg2odsGRK1s/USdd2pwIlYXexH4+TDJizWADbhgOwr6YPa/NGndeuVTfGm2q d61+O3N1LRABPNSICaz4iOPGEIc+VNhC1G6Ja7cw7iSQivY4K8Ax2OHn5oUHZjBJ QWPApA3mlAycsWrVK9dXRJkKmuxb/dozfyT9tb7vnCsjUHhmd804TZWRef94uqRM QIjdKuBa8qc=u8kT -----END PGP SIGNATURE----- -- RHSA-announce mailing list
Jun 29, 2021
Red Hat
202
security advisorycriticalpatchopenSUSE Leap 15.2, openSUSE-SU-2021:0522-1 Critical fwupd Validation Issue
An update that solves one vulnerability and has one errata is now available. . openSUSE Security Update: Security update for fwupd ______________________________________________________________________________ Announcement ID: openSUSE-SU-2021:0522-1 Rating: important References: #1172643 #1182057 Cross-References: CVE-2020-10759 CVSS scores: CVE-2020-10759 (NVD) : 6 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N CVE-2020-10759 (SUSE): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N Affected Products: openSUSE Leap 15.2 ______________________________________________________________________________ An update that solves one vulnerability and has one errata is now available. Description: This update for fwupd fixes the following issues: - Update to version 1.2.14: (bsc#1182057) - Add SBAT section to EFI images (bsc#1182057) - CVE-2020-10759: Validate that gpgme_op_verify_result() returned at least one signature (bsc#1172643) This update was imported from the SUSE:SLE-15-SP2:Update update project. Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 15.2: zypper in -t patch openSUSE-2021-522=1 Package List: - openSUSE Leap 15.2 (x86_64): dfu-tool-1.2.14-lp152.3.9.1 dfu-tool-debuginfo-1.2.14-lp152.3.9.1 fwupd-1.2.14-lp152.3.9.1 fwupd-debuginfo-1.2.14-lp152.3.9.1 fwupd-debugsource-1.2.14-lp152.3.9.1 fwupd-devel-1.2.14-lp152.3.9.1 libfwupd2-1.2.14-lp152.3.9.1 libfwupd2-debuginfo-1.2.14-lp152.3.9.1 typelib-1_0-Fwupd-2_0-1.2.14-lp152.3.9.1 - openSUSE Leap 15.2 (noarch): fwupd-lang-1.2.14-lp152.3.9.1 References: https://www.suse.com/security/cve/CVE-2020-10759.html https://bugzilla.suse.com/1172643 https://bugzilla.suse.com/1182057 . The latest patch addresses a crucial vulnerability in fwupd for openSUSE Leap 15.2, enhancing both security measures and overall system stability.. openSUSE fwupd update, important update security, software validation fix, fwupd security patch. . Severity: Important. LinuxSecurity.com Team
Apr 09, 2021
•Important
OpenSUSE
100
security advisoryupdatepatchSUSE 15-SP2: 2021:1107-1 Important fwupd Update Resolves Security Issue
An update that solves one vulnerability, contains one feature and has one errata is now available. . SUSE Security Update: Security update for fwupd ______________________________________________________________________________ Announcement ID: SUSE-SU-2021:1107-1 Rating: important References: #1172643 #1182057 SLE-16809 Cross-References: CVE-2020-10759 CVSS scores: CVE-2020-10759 (NVD) : 6 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N CVE-2020-10759 (SUSE): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N Affected Products: SUSE Linux Enterprise Module for Desktop Applications 15-SP2 ______________________________________________________________________________ An update that solves one vulnerability, contains one feature and has one errata is now available. Description: This update for fwupd fixes the following issues: - Update to version 1.2.14: (bsc#1182057) - Add SBAT section to EFI images (bsc#1182057) - CVE-2020-10759: Validate that gpgme_op_verify_result() returned at least one signature (bsc#1172643) Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Module for Desktop Applications 15-SP2: zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP2-2021-1107=1 Package List: - SUSE Linux Enterprise Module for Desktop Applications 15-SP2 (aarch64 ppc64le s390x x86_64): fwupd-1.2.14-5.8.2 fwupd-debuginfo-1.2.14-5.8.2 fwupd-debugsource-1.2.14-5.8.2 fwupd-devel-1.2.14-5.8.2 libfwupd2-1.2.14-5.8.2 libfwupd2-debuginfo-1.2.14-5.8.2 typelib-1_0-Fwupd-2_0-1.2.14-5.8.2 - SUSE Linux Enterprise Module for Desktop Applications 15-SP2 (noarch): fwupd-lang-1.2.14-5.8.2 References: https://www.suse.com/security/cve/CVE-2020-10759.html https://bugzilla.suse.com/1172643 https://bugzilla.suse.com/1182057 . Crucial SUSE Security Patch for fwupd addresses a security flaw, introduces enhancements, and offers installation instructions.. fwupd Update, SUSE Security Update, Linux Module, Desktop Applications. . Severity: Important. LinuxSecurity.com Team
Apr 08, 2021
•Important
SuSE
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!