[ubuntu/focal-proposed] edk2 0~20191122.bd85bf54-2ubuntu1 (Accepted)
dann frazier
dannf at ubuntu.com
Mon Mar 16 20:42:17 UTC 2020
edk2 (0~20191122.bd85bf54-2ubuntu1) focal; urgency=medium
* Fix numeric truncation in S3BootScript[Save]*() API. (CVE-2019-14563)
* Fix use-after-free in PcdHiiOsRuntimeSupport. (CVE-2019-14586)
* Clear memory before free to avoid potential password leak.
(CVE-2019-14558)
* Fix double-unmap in SdMmcCreateTrb(). This did not impact any
of the images built from this package. (CVE-2019-14587)
* Fix memory leak in ArpOnFrameRcvdDpc(). (CVE-2019-14559)
* Fix issue that could allow an efi image with a blacklisted hash in the
dbx to be loaded. (CVE-2019-14575)
* Fix a memory leak in the ARP handler. (CVE-2019-14559)
Date: Mon, 16 Mar 2020 10:56:00 -0600
Changed-By: dann frazier <dannf at ubuntu.com>
Maintainer: Debian QEMU Team <pkg-qemu-devel at lists.alioth.debian.org>
https://launchpad.net/ubuntu/+source/edk2/0~20191122.bd85bf54-2ubuntu1
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Mon, 16 Mar 2020 10:56:00 -0600
Source: edk2
Architecture: source
Version: 0~20191122.bd85bf54-2ubuntu1
Distribution: focal
Urgency: medium
Maintainer: Debian QEMU Team <pkg-qemu-devel at lists.alioth.debian.org>
Changed-By: dann frazier <dannf at ubuntu.com>
Changes:
edk2 (0~20191122.bd85bf54-2ubuntu1) focal; urgency=medium
.
* Fix numeric truncation in S3BootScript[Save]*() API. (CVE-2019-14563)
* Fix use-after-free in PcdHiiOsRuntimeSupport. (CVE-2019-14586)
* Clear memory before free to avoid potential password leak.
(CVE-2019-14558)
* Fix double-unmap in SdMmcCreateTrb(). This did not impact any
of the images built from this package. (CVE-2019-14587)
* Fix memory leak in ArpOnFrameRcvdDpc(). (CVE-2019-14559)
* Fix issue that could allow an efi image with a blacklisted hash in the
dbx to be loaded. (CVE-2019-14575)
* Fix a memory leak in the ARP handler. (CVE-2019-14559)
Checksums-Sha1:
5b2546cabb0905b5ba34093254b6f67375173963 2876 edk2_0~20191122.bd85bf54-2ubuntu1.dsc
bbc8bbab113c354fd4e751f9c8887f327918a453 39672 edk2_0~20191122.bd85bf54-2ubuntu1.debian.tar.xz
c1a5033c7cbf35d9d0dff12af9844ee3095495b7 8610 edk2_0~20191122.bd85bf54-2ubuntu1_source.buildinfo
Checksums-Sha256:
df6d91cc53825822faee719d61629fadc9a44810d3a20fd13b501f3ab7e0961c 2876 edk2_0~20191122.bd85bf54-2ubuntu1.dsc
2475f1cf7020706f8162fe23a93c4f1bf2a5a1f48a287dcd703464b3af08c59c 39672 edk2_0~20191122.bd85bf54-2ubuntu1.debian.tar.xz
25316bc147dee265e0fc5d1301b0de26cee88c7042bd524cace1f53b0b7b75c8 8610 edk2_0~20191122.bd85bf54-2ubuntu1_source.buildinfo
Files:
ca4e0ac53f4af5e82b06ec682c88bd6d 2876 misc optional edk2_0~20191122.bd85bf54-2ubuntu1.dsc
097ac7882ba5e461957f1188c342ab9a 39672 misc optional edk2_0~20191122.bd85bf54-2ubuntu1.debian.tar.xz
4f0b68f666e53b301f50de22ef0b6e4d 8610 misc optional edk2_0~20191122.bd85bf54-2ubuntu1_source.buildinfo
-----BEGIN PGP SIGNATURE-----
iQJFBAEBCgAvFiEECfR9vy0y7twkQ+vuG/g8XlT8hkAFAl5v48oRHGRhbm5mQGRl
Ymlhbi5vcmcACgkQG/g8XlT8hkDShQ/+MsI5LGhth88eKAkUjnO2QOpMrq9ch9+n
CoDBMYcRk5GSt5dm3lhdXCb/DcYhAbDINidu+wWPvOw95jXHUJyvyJDUAXdvX1lq
UNV6U3vXbOZnY+w2bXdG9PFntYNhhGaAnWnYcinAGZuz8i98BYM4sCMejZxFlfsh
Lv2g5evqzl9aTtqdRzwsQGvz44D/hUSWdedGb2bpbtIdjIrdr+aegD03sW7tCDDm
cpe9aExtE3MX9gQuUNIcYTH97qbCUJjBq6bijOqFkzP03eTdOJdzFiMOK8X51sI4
f0wvDxHZXYf0oJK98/U4HromxdKQje06vMt3arOJ84rnZ7zvoSbPaPuu7j3vCBc0
v5Ku117frQaqyJYXRw9++YUm+09s8HsWudTe14QrZJDWoKEzWAWlLLQhBooK7m7U
o2S6HQexB54eAASxsW6j1KEQbnRo9LNulsDSoXfEJ2gMq7WaNnXgVDmMQYepMA2t
o+AGOrO50KeekSU18iO6AeEHq4o1DL3WxZCglwqj6M2AgTvAMzNFK+9gY7Jd/v8Y
Qfx4Pdal2cpdLUkdwaqN9CE1yzarjb5JUh+jF6nXFDFyYkH4KC6ZwPTTvc/ON+tJ
Zr0UR96lC8qKZIwBMUyin/H7p5WLJTss/Lrdm6pHC8SpAEy0eLpRR/L9+kQhV0Yt
oPZ5pmcnOQ4=
=EZQe
-----END PGP SIGNATURE-----
More information about the Focal-changes
mailing list