SUSE-SU-2020:2713-1

Опубликовано: 22 сент. 2020

Источник: suse-cvrf

Описание

Security update for ovmf

This update for ovmf fixes the following issues:

CVE-2019-14562: Fixed an overflow in DxeImageVerificationHandler (bsc#1175476).
Use openSUSE CA for the opensuse flavor (bsc#1175674)

Список пакетов

SUSE Linux Enterprise High Performance Computing 15-ESPOS

ovmf-2017+git1510945757.b2662641d5-5.35.1

ovmf-tools-2017+git1510945757.b2662641d5-5.35.1

qemu-ovmf-x86_64-2017+git1510945757.b2662641d5-5.35.1

qemu-uefi-aarch64-2017+git1510945757.b2662641d5-5.35.1

SUSE Linux Enterprise High Performance Computing 15-LTSS

ovmf-2017+git1510945757.b2662641d5-5.35.1

ovmf-tools-2017+git1510945757.b2662641d5-5.35.1

qemu-ovmf-x86_64-2017+git1510945757.b2662641d5-5.35.1

qemu-uefi-aarch64-2017+git1510945757.b2662641d5-5.35.1

SUSE Linux Enterprise Module for Server Applications 15 SP1

ovmf-2017+git1510945757.b2662641d5-5.35.1

ovmf-tools-2017+git1510945757.b2662641d5-5.35.1

qemu-ovmf-x86_64-2017+git1510945757.b2662641d5-5.35.1

qemu-uefi-aarch64-2017+git1510945757.b2662641d5-5.35.1

SUSE Linux Enterprise Server 15-LTSS

ovmf-2017+git1510945757.b2662641d5-5.35.1

ovmf-tools-2017+git1510945757.b2662641d5-5.35.1

qemu-ovmf-x86_64-2017+git1510945757.b2662641d5-5.35.1

qemu-uefi-aarch64-2017+git1510945757.b2662641d5-5.35.1

SUSE Linux Enterprise Server for SAP Applications 15

ovmf-2017+git1510945757.b2662641d5-5.35.1

ovmf-tools-2017+git1510945757.b2662641d5-5.35.1

qemu-ovmf-x86_64-2017+git1510945757.b2662641d5-5.35.1

Ссылки

https://www.suse.com/support/update/announcement/2020/suse-su-20202713-1/
Link for SUSE-SU-2020:2713-1
https://lists.suse.com/pipermail/sle-security-updates/2020-September/007455.html
E-Mail link for SUSE-SU-2020:2713-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1175476
SUSE Bug 1175476
https://bugzilla.suse.com/1175674
SUSE Bug 1175674
https://www.suse.com/security/cve/CVE-2019-14562/
SUSE CVE CVE-2019-14562 page

Описание

Integer overflow in DxeImageVerificationHandler() EDK II may allow an authenticated user to potentially enable denial of service via local access.

Затронутые продукты

SUSE Linux Enterprise High Performance Computing 15-ESPOS:ovmf-2017+git1510945757.b2662641d5-5.35.1

SUSE Linux Enterprise High Performance Computing 15-ESPOS:ovmf-tools-2017+git1510945757.b2662641d5-5.35.1

SUSE Linux Enterprise High Performance Computing 15-ESPOS:qemu-ovmf-x86_64-2017+git1510945757.b2662641d5-5.35.1

SUSE Linux Enterprise High Performance Computing 15-ESPOS:qemu-uefi-aarch64-2017+git1510945757.b2662641d5-5.35.1

Ссылки

https://www.suse.com/security/cve/CVE-2019-14562.html
CVE-2019-14562
https://bugzilla.suse.com/1175476
SUSE Bug 1175476

SUSE-SU-2020:2713-1

Описание

Список пакетов

SUSE Linux Enterprise High Performance Computing 15-ESPOS

SUSE Linux Enterprise High Performance Computing 15-LTSS

SUSE Linux Enterprise Module for Server Applications 15 SP1

SUSE Linux Enterprise Server 15-LTSS

SUSE Linux Enterprise Server for SAP Applications 15

Ссылки

Уязвимость: CVE-2019-14562

Описание

Затронутые продукты

Ссылки