exploitDog

ELSA-2024-1959

Опубликовано: 01 мая 2024

Источник: oracle-oval

Платформа: Oracle Linux 7

Описание

ELSA-2024-1959: shim security update (IMPORTANT)

shim [- 15.8-2.0.3.el7]

Set shim.ol sbat generation to 3 [Orabug: 36271343]

[- 15.8-2.0.1.el7]

Set SBAT_AUTOMATIC_DATE to 2021030218 [Orabug: 36271343]
Rebuild with Oracle certificates [Orabug: 36271343]
Full list of fixed CVEs: CVE-2023-40546, CVE-2023-40547, CVE-2023-40548, CVE-2023-40549, CVE-2023-40550, CVE-2023-40551 [Orabug: 36271343]

[15.8-2.el7]

Rebuild to fix the commit ident and MAKEFLAGS Resolves: RHEL-11254

[15.8-1.el7]

Update to shim-15.8 for CVE-2023-40547 Resolves: RHEL-11254

shim-signed [15.8-1.0.3]

Update shimx64.efi signed by Microsoft [Orabug: 36271343]

[15.8-1.0.1]

Set shim.ol sbat generation to 3 [Orabug: 36271343]
Set SBAT_AUTOMATIC_DATE to 2021030218 [Orabug: 36271343]
Rebuild with Oracle certificates [Orabug: 36271343]
Full list of fixed CVEs: CVE-2023-40546, CVE-2023-40547, CVE-2023-40548, CVE-2023-40549, CVE-2023-40550, CVE-2023-40551 [Orabug: 36271343]
Disable ia32 build [Orabug: 36271343]

Обновленные пакеты

Oracle Linux 7

Oracle Linux x86_64

mokutil

15.8-1.0.3.el7

shim-unsigned-x64

15.8-2.0.3.el7

shim-x64

15.8-1.0.3.el7

Связанные CVE

Ссылки на источники

Связанные уязвимости

ELSA-2024-1903

oracle-oval

около 1 года назад

ELSA-2024-1903: shim bug fix update (IMPORTANT)

ELSA-2024-1902

oracle-oval

около 1 года назад

ELSA-2024-1902: shim security update (IMPORTANT)

SUSE-SU-2024:1462-1

suse-cvrf

около 1 года назад

Security update for shim

SUSE-SU-2024:1461-1

suse-cvrf

около 1 года назад

Security update for shim

SUSE-SU-2024:1368-1

suse-cvrf

около 1 года назад

Security update for shim