edk2 0~20191122.bd85bf54-2ubuntu3.2 source package in Ubuntu

Changelog

edk2 (0~20191122.bd85bf54-2ubuntu3.2) focal-security; urgency=medium

  * SECURITY UPDATE: unlimited FV recursion
    - debian/patches/CVE-2021-28210-1.patch: assert SectionInstance
      invariant in FindChildNode() in
      MdeModulePkg/Core/Dxe/SectionExtraction/CoreSectionExtraction.c.
    - debian/patches/CVE-2021-28210-2.patch: limit FwVol encapsulation
      section recursion in MdeModulePkg/Core/Dxe/DxeMain.inf,
      MdeModulePkg/Core/Dxe/SectionExtraction/CoreSectionExtraction.c,
      MdeModulePkg/MdeModulePkg.dec, MdeModulePkg/MdeModulePkg.uni.
    - CVE-2021-28210
  * SECURITY UPDATE: possible heap corruption in LzmaUefiDecompressGetInfo
    - debian/patches/CVE-2021-28211.patch: catch 4GB+ uncompressed
      buffer sizes in
      MdeModulePkg/Library/LzmaCustomDecompressLib/LzmaDecompress.c,
      MdeModulePkg/Library/LzmaCustomDecompressLib/LzmaDecompressLibInternal.h.
    - CVE-2021-28211

 -- Marc Deslauriers <email address hidden>  Mon, 12 Apr 2021 08:18:49 -0400

Upload details

Uploaded by:
Marc Deslauriers
Uploaded to:
Focal
Original maintainer:
Ubuntu Developers
Architectures:
all
Section:
misc
Urgency:
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section

Builds

Focal: [FULLYBUILT] amd64

Downloads

File Size SHA-256 Checksum
edk2_0~20191122.bd85bf54.orig-qemu-ovmf-secureboot-1-1-3.tar.gz 6.9 KiB f0874d37e5d0a72c27d5f717cb161fd48d252f26bfaf74ebc5761e36b3992363
edk2_0~20191122.bd85bf54.orig.tar.xz 13.7 MiB 1f5ada5a81b1ee10deb19154d6f09edfe144ae241a5408a61a3ed8d07e037702
edk2_0~20191122.bd85bf54-2ubuntu3.2.debian.tar.xz 45.5 KiB 641100e1a5820a667cead9575b5be94431424881dc784569a5f8d5909cef3868
edk2_0~20191122.bd85bf54-2ubuntu3.2.dsc 2.9 KiB 38f16ddaca10792b2a57c8c0f2c8269fadc2490713d2fbac4a6e17d1518101e6

View changes file

Binary packages built by this source

ovmf: UEFI firmware for 64-bit x86 virtual machines

 Open Virtual Machine Firmware is a build of EDK II for 64-bit x86 virtual
 machines. It includes full support for UEFI, including Secure Boot, allowing
 use of UEFI in place of a traditional BIOS in your VM.

qemu-efi: transitional dummy package

 This is a transitional dummy package. It contains a compatibility symlink
 of /usr/share/qemu-efi/QEMU_EFI.fd to /usr/share/qemu-efi-aarch64/QEMU_EFI.fd.

qemu-efi-aarch64: UEFI firmware for 64-bit ARM virtual machines

 qemu-efi-aarch64 is a build of EDK II for 64-bit ARM virtual machines. It
 includes full support for UEFI, including Secure Boot.

qemu-efi-arm: UEFI firmware for 32-bit ARM virtual machines

 qemu-efi-arm is a build of EDK II for 32-bit ARM virtual machines. It
 includes full support for UEFI, including Secure Boot.