[ALSA-2024:1063] Important: edk2 security update
Type:
security
Severity:
important
Release date:
2024-03-05
Description:
EDK (Embedded Development Kit) is a project to enable UEFI support for Virtual Machines. This package contains a sample 64-bit UEFI firmware for QEMU and KVM. Security Fix(es): * edk2: Buffer overflow in the DHCPv6 client via a long Server ID option (CVE-2023-45230) * edk2: Buffer overflow when processing DNS Servers option in a DHCPv6 Advertise message (CVE-2023-45234) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
References:
Updated packages listed below:
Architecture Package Checksum
noarch edk2-ovmf-20220126gitbb1bba3d77-6.el8_9.6.alma.noarch.rpm 081ad0dd894e7a967a7744bb7c24bf7dea044c82ecdda77f204e144be1076775
noarch edk2-aarch64-20220126gitbb1bba3d77-6.el8_9.6.alma.noarch.rpm a952db4906227aa5887d603fdb7af7627d51facf90b74d3edc530e2f620f63ee
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.