This update for ovmf fixes the following issues: Security issues fixed: - CVE-2018-0739: Update openssl to 1.0.2o to limit ASN.1 constructed types recursive definition depth . - CVE-2019-14563: Fixed a memory corruption caused by insufficient numeric truncation . - CVE-2019-14559: Fixed a remotely exploitable memory leak in the ARP handling code . - CVE-2019-14575: Fixed an insufficient signature check in the DxeImageVerificationHandler . Bug fixes: - Only use SLES-UEFI-CA-Certificate-2048.crt for the SUSE flavor to provide the better compatibility