Ubuntu
edk2 package

edk2 2020.05-5ubuntu0.2 source package in Ubuntu

Changelog

edk2 (2020.05-5ubuntu0.2) groovy-security; urgency=medium

  * SECURITY UPDATE: unlimited FV recursion
    - debian/patches/CVE-2021-28210-1.patch: assert SectionInstance
      invariant in FindChildNode() in
      MdeModulePkg/Core/Dxe/SectionExtraction/CoreSectionExtraction.c.
    - debian/patches/CVE-2021-28210-2.patch: limit FwVol encapsulation
      section recursion in MdeModulePkg/Core/Dxe/DxeMain.inf,
      MdeModulePkg/Core/Dxe/SectionExtraction/CoreSectionExtraction.c,
      MdeModulePkg/MdeModulePkg.dec, MdeModulePkg/MdeModulePkg.uni.
    - CVE-2021-28210
  * SECURITY UPDATE: possible heap corruption in LzmaUefiDecompressGetInfo
    - debian/patches/CVE-2021-28211.patch: catch 4GB+ uncompressed
      buffer sizes in
      MdeModulePkg/Library/LzmaCustomDecompressLib/LzmaDecompress.c,
      MdeModulePkg/Library/LzmaCustomDecompressLib/LzmaDecompressLibInternal.h.
    - CVE-2021-28211

 -- Marc Deslauriers <email address hidden>  Mon, 12 Apr 2021 08:12:17 -0400

Upload details

Uploaded by:
Marc Deslauriers
Uploaded to:
Groovy
Original maintainer:
Ubuntu Developers
Architectures:
all
Section:
misc
Urgency:
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section

Builds

Groovy: [FULLYBUILT] amd64

Downloads

File Size SHA-256 Checksum
edk2_2020.05.orig-qemu-ovmf-secureboot-1-1-3.tar.gz 6.9 KiB f0874d37e5d0a72c27d5f717cb161fd48d252f26bfaf74ebc5761e36b3992363
edk2_2020.05.orig.tar.xz 32.9 MiB 6f9f27b29dd24924992caa27b2cd1605fb8a0a2e22caadfe242f812e2a592447
edk2_2020.05-5ubuntu0.2.debian.tar.xz 36.6 KiB ef0bd0a1cc1d8d77534be946f621ad62f5f119148f6659cd993e60ca6ba46007
edk2_2020.05-5ubuntu0.2.dsc 2.8 KiB 0291f2b3af233c78a715cf432d948cab964d6cd9edfbef691b8ed465ed222240

View changes file

Binary packages built by this source

ovmf: No summary available for ovmf in ubuntu groovy.

No description available for ovmf in ubuntu groovy.

qemu-efi: No summary available for qemu-efi in ubuntu groovy.

No description available for qemu-efi in ubuntu groovy.

qemu-efi-aarch64: No summary available for qemu-efi-aarch64 in ubuntu groovy.

No description available for qemu-efi-aarch64 in ubuntu groovy.

qemu-efi-arm: No summary available for qemu-efi-arm in ubuntu groovy.

No description available for qemu-efi-arm in ubuntu groovy.