Download
| Alert*
oval:org.secpod.oval:def:89003452
This update for ovmf fixes the following issue: Security issue fixed: - CVE-2018-12181: Fixed a stack buffer overflow in the HII database when a corrupted Bitmap was used . oval:org.secpod.oval:def:66459 EDK is a project to enable UEFI support for Virtual Machines. This package contains a sample 64-bit UEFI firmware for QEMU and KVM. Security Fix: * edk2: Stack buffer overflow with corrupted BMP * edk2: Buffer overflows in PartitionDxe and UdfDxe with long file names and invalid UDF media For mor ... oval:org.secpod.oval:def:705461 edk2: UEFI firmware for 64-bit x86 virtual machines Several security issues were fixed in edk2. oval:org.secpod.oval:def:116189 EDK II is a development code base for creating UEFI drivers, applications and firmware images. oval:org.secpod.oval:def:89003437 This update for ovmf fixes the following issues: Security issues fixed: - CVE-2019-0160: Fixed multiple buffer overflows in UDF-related codes in MdeModulePkg\Universal\Disk\PartitionDxe\Udf.c and MdeModulePkg\Universal\Disk\UdfDxe . - CVE-2018-12181: Fixed a stack buffer overflow in the HII database ... oval:org.secpod.oval:def:503413 EDK is a project to enable UEFI support for Virtual Machines. This package contains a sample 64-bit UEFI firmware for QEMU and KVM. Security Fix: * edk2: Stack buffer overflow with corrupted BMP * edk2: Buffer overflows in PartitionDxe and UdfDxe with long file names and invalid UDF media For mor ... oval:org.secpod.oval:def:1700511 Logic error in FV parsing in MdeModulePkg\Core\Pei\FwVol\FwVol.c Logic issue in variable service module for EDK II/UDK2018/UDK2017/UDK2015 may allow an authenticated user to potentially enable escalation of privilege, information disclosure and/or denial of service via local access. A missing check ... oval:org.secpod.oval:def:1504202 [20190308git89910a39dcfd-6.el8] - edk2-ArmVirtPkg-silence-DEBUG_VERBOSE-masking-0x00400000-.patch [bz#1714446] - edk2-OvmfPkg-QemuRamfbDxe-Do-not-report-DXE-failure-on-Aa.patch [bz#1714446] - edk2-ArmPkg-DebugPeCoffExtraActionLib-debugger-commands-a.patch [bz#1714446] - Resolves: bz#1714446 [201903 ... oval:org.secpod.oval:def:63494 edk2: UEFI firmware for 64-bit x86 virtual machines Several security issues were fixed in edk2. oval:org.secpod.oval:def:89050713 This update for ovmf fixes the following issues: Security issues fixed: - CVE-2019-0160: Fixed multiple buffer overflows in UDF-related codes in MdeModulePkg\Universal\Disk\PartitionDxe\Udf.c and MdeModulePkg\Universal\Disk\UdfDxe . - CVE-2018-12181: Fixed a stack buffer overflow in the HII database ... oval:org.secpod.oval:def:503253 OVMF is a project to enable UEFI support for Virtual Machines. This package contains a sample 64-bit UEFI firmware for QEMU and KVM. Security Fix: * edk2: Privilege escalation via processing of malformed files in TianoCompress.c * edk2: Privilege escalation via processing of malformed files in Bas ... oval:org.secpod.oval:def:1504481 [20180508-6.gitee3198e672e2.el7] - ovmf-MdeModulePkg-HiiDatabase-Fix-potential-integer-overf.patch [bz#1691479] - ovmf-MdeModulePkg-HiiImage-Fix-stack-overflow-when-corrup.patch [bz#1691479] - ovmf-MdeModulePkg-PartitionDxe-Add-check-for-underlying-d.patch [bz#1691647] - ovmf-MdeModulePkg-UdfDxe-Ref ... oval:org.secpod.oval:def:205311 OVMF is a project to enable UEFI support for Virtual Machines. This package contains a sample 64-bit UEFI firmware for QEMU and KVM. Security Fix: * edk2: Privilege escalation via processing of malformed files in TianoCompress.c * edk2: Privilege escalation via processing of malformed files in Bas ... oval:org.secpod.oval:def:1504291 [1:1.2-5.el7] - Update spec file to remove "modprobe kvm-intel" and remove --enable-kvm arg to ovmf_vars_generator so qemu will not require kvm kernel module. - Update spec file to modprobe kvm_intel module prior to running qemu to enroll default keys. - Enroll Oracle cert/key for OL secureboot su ... |