Summary: | <sys-firmware/edk2-ovmf-201905: multiple vulnerabilities | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Agostino Sarubbo <ago> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | tamiko, virtualization |
Priority: | Normal | Flags: | stable-bot:
sanity-check+
|
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | B3 [noglsa cve] | ||
Package list: |
app-emulation/qemu-4.0.0-r50
sys-firmware/edk2-ovmf-201905
sys-firmware/ipxe-1.0.0_p20190728
sys-firmware/seabios-1.12.0
|
Runtime testing required: | --- |
Description
Agostino Sarubbo
2019-02-27 08:52:19 UTC
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=6137d4c59ea47d77517e925d8bfd46b8b3b1f669 commit 6137d4c59ea47d77517e925d8bfd46b8b3b1f669 Author: Matthias Maier <tamiko@gentoo.org> AuthorDate: 2019-07-28 21:00:39 +0000 Commit: Matthias Maier <tamiko@gentoo.org> CommitDate: 2019-07-28 23:17:16 +0000 sys-firmware/edk2-ovmf: version bump to 201905 * switch to new upstream version number * add secure boot support * versions contains security fixes for all vulnerabilities identified in #678906c1 Closes: https://bugs.gentoo.org/680920 Closes: https://bugs.gentoo.org/681936 Closes: https://bugs.gentoo.org/665152 Bug: https://bugs.gentoo.org/678906 Package-Manager: Portage-2.3.69, Repoman-2.3.16 Signed-off-by: Matthias Maier <tamiko@gentoo.org> sys-firmware/edk2-ovmf/Manifest | 5 +- sys-firmware/edk2-ovmf/edk2-ovmf-201905.ebuild | 153 +++++++++++++++++++++++++ 2 files changed, 156 insertions(+), 2 deletions(-) Let's give this a short round of testing before calling for stabilization. amd64 stable x86 stable. Maintainer(s), please cleanup. Security, please vote. The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=c682b9fdcbf9977e0da01970c2d162461765b7d4 commit c682b9fdcbf9977e0da01970c2d162461765b7d4 Author: Matthias Maier <tamiko@gentoo.org> AuthorDate: 2019-08-20 04:24:06 +0000 Commit: Matthias Maier <tamiko@gentoo.org> CommitDate: 2019-08-20 04:24:06 +0000 sys-firmware/edk2-ovmf: drop vulnerable Bug: https://bugs.gentoo.org/678906 Package-Manager: Portage-2.3.72, Repoman-2.3.17 Signed-off-by: Matthias Maier <tamiko@gentoo.org> sys-firmware/edk2-ovmf/Manifest | 2 - .../edk2-ovmf/edk2-ovmf-2017_p20180211.ebuild | 110 --------------------- ...k2-ovmf-2017_p20180211-build_system_fixes.patch | 91 ----------------- 3 files changed, 203 deletions(-) |