edk2 2020.05-5ubuntu0.2 source package in Ubuntu

Changelog

edk2 (2020.05-5ubuntu0.2) groovy-security; urgency=medium

  * SECURITY UPDATE: unlimited FV recursion
    - debian/patches/CVE-2021-28210-1.patch: assert SectionInstance
      invariant in FindChildNode() in
      MdeModulePkg/Core/Dxe/SectionExtraction/CoreSectionExtraction.c.
    - debian/patches/CVE-2021-28210-2.patch: limit FwVol encapsulation
      section recursion in MdeModulePkg/Core/Dxe/DxeMain.inf,
      MdeModulePkg/Core/Dxe/SectionExtraction/CoreSectionExtraction.c,
      MdeModulePkg/MdeModulePkg.dec, MdeModulePkg/MdeModulePkg.uni.
    - CVE-2021-28210
  * SECURITY UPDATE: possible heap corruption in LzmaUefiDecompressGetInfo
    - debian/patches/CVE-2021-28211.patch: catch 4GB+ uncompressed
      buffer sizes in
      MdeModulePkg/Library/LzmaCustomDecompressLib/LzmaDecompress.c,
      MdeModulePkg/Library/LzmaCustomDecompressLib/LzmaDecompressLibInternal.h.
    - CVE-2021-28211

 -- Marc Deslauriers <email address hidden>  Mon, 12 Apr 2021 08:12:17 -0400

Upload details

Uploaded by:
Marc Deslauriers on 2021-04-12
Uploaded to:
Groovy
Original maintainer:
Ubuntu Developers
Architectures:
all
Section:
misc
Urgency:
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section
Groovy updates on 2021-04-20 main misc
Groovy security on 2021-04-20 main misc

Builds

Groovy: [FULLYBUILT] amd64

Downloads

File Size SHA-256 Checksum
edk2_2020.05.orig-qemu-ovmf-secureboot-1-1-3.tar.gz 6.9 KiB f0874d37e5d0a72c27d5f717cb161fd48d252f26bfaf74ebc5761e36b3992363
edk2_2020.05.orig.tar.xz 32.9 MiB 6f9f27b29dd24924992caa27b2cd1605fb8a0a2e22caadfe242f812e2a592447
edk2_2020.05-5ubuntu0.2.debian.tar.xz 36.6 KiB ef0bd0a1cc1d8d77534be946f621ad62f5f119148f6659cd993e60ca6ba46007
edk2_2020.05-5ubuntu0.2.dsc 2.8 KiB 0291f2b3af233c78a715cf432d948cab964d6cd9edfbef691b8ed465ed222240

View changes file

Binary packages built by this source

ovmf: UEFI firmware for 64-bit x86 virtual machines

 Open Virtual Machine Firmware is a build of EDK II for 64-bit x86 virtual
 machines. It includes full support for UEFI, including Secure Boot, allowing
 use of UEFI in place of a traditional BIOS in your VM.

qemu-efi: transitional dummy package

 This is a transitional dummy package. It contains a compatibility symlink
 of /usr/share/qemu-efi/QEMU_EFI.fd to /usr/share/qemu-efi-aarch64/QEMU_EFI.fd.

qemu-efi-aarch64: UEFI firmware for 64-bit ARM virtual machines

 qemu-efi-aarch64 is a build of EDK II for 64-bit ARM virtual machines. It
 includes full support for UEFI, including Secure Boot.

qemu-efi-arm: UEFI firmware for 32-bit ARM virtual machines

 qemu-efi-arm is a build of EDK II for 32-bit ARM virtual machines. It
 includes full support for UEFI, including Secure Boot.