[opensuse-announce] Upcoming update for shim requires confirmation on reboot
Hello, we will release a security update for shim next week that fixes three security issues, tracked in bnc#889332: - OOB read access when parsing DHCPv6 packets (remote DoS) (CVE-2014-3675). - Heap overflow when parsing IPv6 addresses provided by tftp:// DHCPv6 boot option (RCE) (CVE-2014-3676). - Memory corruption when processing user provided MOK lists (CVE-2014-3677). Because of those issues we update shim to version 0.7.318.81ee561d. This version includes a patch that requires the user to confirm a dialog once on the first boot after the update is installed. You will need to be able to confirm this dialog, which appears before the bootloader, or your system will not boot. This only affects users that are still on openSUSE 13.1 and use a secure boot setup. You can check with 'bootctl' if you're using a secure boot configuration if you're not sure. Best regards, Johannes Segitz -- GPG Key E7C81FA0 EE16 6BCE AD56 E034 BFB3 3ADD 7BF7 29D5 E7C8 1FA0 Subkey fingerprint: 250F 43F5 F7CE 6F1E 9C59 4F95 BC27 DD9D 2CC4 FD66 SUSE LINUX GmbH Maxfeldstraße 5 90409 Nürnberg, Germany GF: Felix Imendörffer, Jane Smithard, Jennifer Guild, Dilip Upmanyu, Graham Norton, HRB 21284 (AG Nürnberg)
participants (1)
-
Johannes Segitz