Mailinglist Archive: opensuse-updates (124 mails)

< Previous Next >
openSUSE-SU-2017:1967-1: moderate: Update for gnu-efi, pesign, shim
openSUSE Security Update: Update for gnu-efi, pesign, shim
______________________________________________________________________________

Announcement ID: openSUSE-SU-2017:1967-1
Rating: moderate
References: #798043 #807760 #808106 #813079 #813448 #841426
#863205 #866690 #867974 #872503 #873857 #875385
#877003 #889332 #889765
Affected Products:
openSUSE 13.1
openSUSE 12.3
______________________________________________________________________________

An update that contains security fixes can now be installed.

Description:

shim was updated to fix several security issues.

- OOB read access when parsing DHCPv6 packets (remote DoS) (CVE-2014-3675).
- Heap overflow when parsing IPv6 addresses provided by tftp:// DHCPv6
boot option (RCE) (CVE-2014-3676).
- Memory corruption when processing user provided MOK lists
(CVE-2014-3677).

More information is available at
https://bugzilla.novell.com/show_bug.cgi?id=889332

To enable this update gnu-efi was updated to 3.0u and pesign to version
0.109


Patch Instructions:

To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

- openSUSE 13.1:

zypper in -t patch openSUSE-2015-48=1

- openSUSE 12.3:

zypper in -t patch openSUSE-2015-48=1

To bring your system up-to-date, use "zypper patch".


Package List:

- openSUSE 13.1 (i586 x86_64):

gnu-efi-3.0u-2.5.1
pesign-0.109-3.9.2
pesign-debuginfo-0.109-3.9.2
pesign-debugsource-0.109-3.9.2

- openSUSE 13.1 (x86_64):

shim-0.7.318.81ee561d-7.2

- openSUSE 12.3 (i586 x86_64):

gnu-efi-3.0u-6.5.1
pesign-0.109-3.19.1
pesign-debuginfo-0.109-3.19.1
pesign-debugsource-0.109-3.19.1

- openSUSE 12.3 (x86_64):

shim-0.7.318.81ee561d-3.22.1


References:

https://bugzilla.suse.com/798043
https://bugzilla.suse.com/807760
https://bugzilla.suse.com/808106
https://bugzilla.suse.com/813079
https://bugzilla.suse.com/813448
https://bugzilla.suse.com/841426
https://bugzilla.suse.com/863205
https://bugzilla.suse.com/866690
https://bugzilla.suse.com/867974
https://bugzilla.suse.com/872503
https://bugzilla.suse.com/873857
https://bugzilla.suse.com/875385
https://bugzilla.suse.com/877003
https://bugzilla.suse.com/889332
https://bugzilla.suse.com/889765


< Previous Next >
This Thread
  • No further messages