[ALSA-2023:6919] Moderate: edk2 security and bug fix update
Type:
security
Severity:
moderate
Release date:
2023-11-23
Description:
EDK (Embedded Development Kit) is a project to enable UEFI support for Virtual Machines. This package contains a sample 64-bit UEFI firmware for QEMU and KVM. Security Fix(es): * edk2: Function GetEfiGlobalVariable2() return value not checked in DxeImageVerificationHandler() (CVE-2019-14560) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.
References:
Updated packages listed below:
Architecture Package Checksum
noarch edk2-aarch64-20220126gitbb1bba3d77-6.el8.noarch.rpm 457fcd3b159b7bb590ec97142837da0e00a2a11523f34473c697980dc604d096
noarch edk2-ovmf-20220126gitbb1bba3d77-6.el8.noarch.rpm b7dc2f0f16182514fc961ea133795beb1c8fbe4c772d1954368594003a32ea9c
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.