[ALSA-2023:2487] Moderate: fwupd security and bug fix update
Type:
security
Severity:
moderate
Release date:
2023-05-12
Description:
The fwupd packages provide a service that allows session software to update device firmware. Security Fix(es): * fwupd: world readable password in /etc/fwupd/redfish.conf (CVE-2022-3287) * shim: 3rd party shim allow secure boot bypass (CVE-2022-34301) * shim: 3rd party shim allow secure boot bypass (CVE-2022-34302) * shim: 3rd party shim allow secure boot bypass (CVE-2022-34303) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.
References:
Updated packages listed below:
Architecture Package Checksum
aarch64 fwupd-devel-1.8.10-2.el9.alma.aarch64.rpm 02313cd6679ce7e0618f491980066da10d4c7197d853f926fe7a6c6cf91b3095
aarch64 fwupd-plugin-flashrom-1.8.10-2.el9.alma.aarch64.rpm 2f356b641699cc5cab6c759e2b8beb1c40f59d231c1e766d37fd57759264114d
aarch64 fwupd-1.8.10-2.el9.alma.aarch64.rpm fab71a96e163b66b27ad298db75c973d0c811f887a6ae3695e3e1de490713f7c
ppc64le fwupd-1.8.10-2.el9.alma.ppc64le.rpm 07df4816fa6fee85f018f9d00a37623ee25352b5759170bc718e3e0190cba017
ppc64le fwupd-devel-1.8.10-2.el9.alma.ppc64le.rpm 30684a74908596d76f62be48b81e91e81d44bd4fd96357f3b774bcb4ab51769a
ppc64le fwupd-plugin-flashrom-1.8.10-2.el9.alma.ppc64le.rpm 91bfaba12b38984dff6e3115e6aecf7c1a32aea24654a525b24d36bf61b33f4d
s390x fwupd-1.8.10-2.el9.alma.s390x.rpm ad258545e75a23d4d2fc7005f13b0e8a77dd4471442cab7f8f73f7ee104d714a
s390x fwupd-devel-1.8.10-2.el9.alma.s390x.rpm b0c4ccd3e245fd0347c471e5985f0dfef8dac01d96eb2dc7525d8c13973a6353
x86_64 fwupd-devel-1.8.10-2.el9.alma.x86_64.rpm 6a8414c561b9c737649b57ad65230bceca08ba72fd3834f7a15b82af1fb35825
x86_64 fwupd-1.8.10-2.el9.alma.x86_64.rpm b644f155d657248ddb00c3fe180c7acc14bf6c131860b53d03b0fdd87c145064
x86_64 fwupd-plugin-flashrom-1.8.10-2.el9.alma.x86_64.rpm d75cbe9ed8e11392b785067b7bd3357f92f24ee2d3b47219f27783efaa6486fc
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.