[ALSA-2024:1075] Important: edk2 security update
Type:
security
Severity:
important
Release date:
2024-03-05
Description:
EDK (Embedded Development Kit) is a project to enable UEFI support for Virtual Machines. This package contains a sample 64-bit UEFI firmware for QEMU and KVM. Security Fix(es): * edk2: Buffer overflow in the DHCPv6 client via a long Server ID option (CVE-2023-45230) * edk2: Buffer overflow when processing DNS Servers option in a DHCPv6 Advertise message (CVE-2023-45234) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
References:
Updated packages listed below:
Architecture Package Checksum
aarch64 edk2-tools-20230524-4.el9_3.2.alma.aarch64.rpm 85da1cfd3ac68b41837db5960f6385ef673332aabf8d8ea21f448998b78d1f09
noarch edk2-ovmf-20230524-4.el9_3.2.alma.noarch.rpm 672357e5f22af5021147da1e6ea2940970361d3219b3256dc24010fdaeeb1424
noarch edk2-tools-doc-20230524-4.el9_3.2.alma.noarch.rpm bfcb0f5d6e03f7d8b84272a53664e90bac1a421417262c4e9b2f8eefe207350d
noarch edk2-aarch64-20230524-4.el9_3.2.alma.noarch.rpm c344e31df64e7b01343cb0aed155d8145237772f7f844a227dd8eda235c3368c
x86_64 edk2-tools-20230524-4.el9_3.2.alma.x86_64.rpm 632efcbd906141df4d146fb2fbff5e5c68214279a2b1c83514b4376367188692
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.