Описание
Security update for ovmf
This update for ovmf fixes the following issues:
- CVE-2019-14562: Fixed an overflow in DxeImageVerificationHandler (bsc#1175476).
- Use openSUSE CA for the opensuse flavor (bsc#1175674)
Список пакетов
SUSE Linux Enterprise Server 12 SP4-LTSS
ovmf-2017+git1510945757.b2662641d5-3.29.1
ovmf-tools-2017+git1510945757.b2662641d5-3.29.1
qemu-ovmf-x86_64-2017+git1510945757.b2662641d5-3.29.1
qemu-uefi-aarch64-2017+git1510945757.b2662641d5-3.29.1
SUSE Linux Enterprise Server 12 SP5
ovmf-2017+git1510945757.b2662641d5-3.29.1
ovmf-tools-2017+git1510945757.b2662641d5-3.29.1
qemu-ovmf-x86_64-2017+git1510945757.b2662641d5-3.29.1
qemu-uefi-aarch64-2017+git1510945757.b2662641d5-3.29.1
SUSE Linux Enterprise Server for SAP Applications 12 SP4
ovmf-2017+git1510945757.b2662641d5-3.29.1
ovmf-tools-2017+git1510945757.b2662641d5-3.29.1
qemu-ovmf-x86_64-2017+git1510945757.b2662641d5-3.29.1
SUSE Linux Enterprise Server for SAP Applications 12 SP5
ovmf-2017+git1510945757.b2662641d5-3.29.1
ovmf-tools-2017+git1510945757.b2662641d5-3.29.1
qemu-ovmf-x86_64-2017+git1510945757.b2662641d5-3.29.1
qemu-uefi-aarch64-2017+git1510945757.b2662641d5-3.29.1
SUSE OpenStack Cloud 9
ovmf-2017+git1510945757.b2662641d5-3.29.1
ovmf-tools-2017+git1510945757.b2662641d5-3.29.1
qemu-ovmf-x86_64-2017+git1510945757.b2662641d5-3.29.1
SUSE OpenStack Cloud Crowbar 9
ovmf-2017+git1510945757.b2662641d5-3.29.1
ovmf-tools-2017+git1510945757.b2662641d5-3.29.1
qemu-ovmf-x86_64-2017+git1510945757.b2662641d5-3.29.1
Ссылки
- Link for SUSE-SU-2020:2714-1
- E-Mail link for SUSE-SU-2020:2714-1
- SUSE Security Ratings
- SUSE Bug 1175476
- SUSE Bug 1175674
- SUSE CVE CVE-2019-14562 page
Описание
Integer overflow in DxeImageVerificationHandler() EDK II may allow an authenticated user to potentially enable denial of service via local access.
Затронутые продукты
SUSE Linux Enterprise Server 12 SP4-LTSS:ovmf-2017+git1510945757.b2662641d5-3.29.1
SUSE Linux Enterprise Server 12 SP4-LTSS:ovmf-tools-2017+git1510945757.b2662641d5-3.29.1
SUSE Linux Enterprise Server 12 SP4-LTSS:qemu-ovmf-x86_64-2017+git1510945757.b2662641d5-3.29.1
SUSE Linux Enterprise Server 12 SP4-LTSS:qemu-uefi-aarch64-2017+git1510945757.b2662641d5-3.29.1
Ссылки
- CVE-2019-14562
- SUSE Bug 1175476