Format: 1.8 Date: Fri, 25 Nov 2022 10:33:01 -0500 Source: u-boot Binary: u-boot u-boot-amlogic u-boot-imx u-boot-qemu u-boot-qcom u-boot-tegra u-boot-omap u-boot-sunxi u-boot-exynos u-boot-mvebu u-boot-rockchip u-boot-rpi u-boot-sifive u-boot-tools Architecture: arm64 Version: 2020.10+dfsg-1ubuntu0~18.04.3 Distribution: bionic Urgency: medium Maintainer: Launchpad Build Daemon Changed-By: Marc Deslauriers Description: u-boot - A boot loader for embedded systems u-boot-amlogic - A boot loader for amlogic systems u-boot-exynos - A boot loader for exynos systems u-boot-imx - A boot loader for imx systems u-boot-mvebu - A boot loader for marvell systems u-boot-omap - A boot loader for omap systems u-boot-qcom - A boot loader for qcom systems u-boot-qemu - A boot loader for qemu u-boot-rockchip - A boot loader for rockchip systems u-boot-rpi - A boot loader for Raspberry PI systems u-boot-sifive - A boot loader for SiFive systems u-boot-sunxi - A boot loader for sunxi systems u-boot-tegra - A boot loader for NVIDIA Tegra systems u-boot-tools - companion tools for Das U-Boot bootloader Changes: u-boot (2020.10+dfsg-1ubuntu0~18.04.3) bionic-security; urgency=medium . * SECURITY UPDATE: unchecked length field in DFU implementation - debian/patches/CVE-2022-2347-pre1.patch: handle short frame result of UPLOAD in state_dfu_idle in drivers/usb/gadget/f_dfu.c. - debian/patches/CVE-2022-2347.patch: fix the unchecked length field in drivers/usb/gadget/f_dfu.c. - CVE-2022-2347 * SECURITY UPDATE: buffer overflow via invalid packets - debian/patches/CVE-2022-30552_30790.patch: check for the minimum IP fragmented datagram size in include/net.h, net/net.c. - CVE-2022-30552 - CVE-2022-30790 * SECURITY UPDATE: incomplete fix for CVE-2019-14196 - debian/patches/CVE-2022-30767.patch: switch length to unsigned int in net/nfs.c. - CVE-2022-30767 * SECURITY UPDATE: out of bounds write via sqfs_readdir() - debian/patches/CVE-2022-33103.patch: prevent arbitrary code execution in fs/squashfs/sqfs.c, include/fs.h. - CVE-2022-33103 * SECURITY UPDATE: heap buffer overflow in metadata reading - debian/patches/CVE-2022-33967.patch: use kcalloc when relevant in fs/squashfs/sqfs.c. - CVE-2022-33967 * SECURITY UPDATE: stack overflow in i2c md command - debian/patches/CVE-2022-34835.patch: switch to unsigned int in cmd/i2c.c. - CVE-2022-34835 Checksums-Sha1: dab8c6ef4b36bb630ba55c1a26a17cc13445ba4f 488212 u-boot-amlogic_2020.10+dfsg-1ubuntu0~18.04.3_arm64.deb 4c0fbc5d09531082bece9d02df9b6a364b264e57 289196 u-boot-mvebu_2020.10+dfsg-1ubuntu0~18.04.3_arm64.deb c02269adda55d62093ca6ddac411baa9b508541a 303228 u-boot-qcom_2020.10+dfsg-1ubuntu0~18.04.3_arm64.deb 2c6f5794898197c5ae854835c01755f62ba1ed93 772824 u-boot-rockchip_2020.10+dfsg-1ubuntu0~18.04.3_arm64.deb d58e38ffd6720e01684faf0f16b06da5c66094cf 343484 u-boot-rpi_2020.10+dfsg-1ubuntu0~18.04.3_arm64.deb 9c271e7716ff09cb2316dab92e50dfbaaa55a1f0 625180 u-boot-sunxi_2020.10+dfsg-1ubuntu0~18.04.3_arm64.deb 3c5578a148a183e0c9f756a6517e1105eab7d813 261736 u-boot-tegra_2020.10+dfsg-1ubuntu0~18.04.3_arm64.deb be335cafab791e4df8dc493f3656f75a260dda47 139712 u-boot-tools_2020.10+dfsg-1ubuntu0~18.04.3_arm64.deb 08b112e4c5b624175e6448877afea849feb45b20 8589 u-boot_2020.10+dfsg-1ubuntu0~18.04.3_arm64.buildinfo Checksums-Sha256: 5c03549042a0b6b9c2a9f5653c84410a065c6b03f0186e87b690787cb687b50d 488212 u-boot-amlogic_2020.10+dfsg-1ubuntu0~18.04.3_arm64.deb b1264b5f3d03497cc65c7fe7ef8c978883f74035cc45c4b0d69e0f2d53c54da5 289196 u-boot-mvebu_2020.10+dfsg-1ubuntu0~18.04.3_arm64.deb 76468db57567f357f865cda2e9a0dcb86eaf0940c827e7c06e7b55983f53234e 303228 u-boot-qcom_2020.10+dfsg-1ubuntu0~18.04.3_arm64.deb ca10668b3f06b2feb7e9ebc8e4a0122d1223088083796cd84155cb17e7615ea4 772824 u-boot-rockchip_2020.10+dfsg-1ubuntu0~18.04.3_arm64.deb a12a355ca4d3d3d6a3444fcf556a8828f2c9988b525b13cab0322cb5fb97ef07 343484 u-boot-rpi_2020.10+dfsg-1ubuntu0~18.04.3_arm64.deb 56d6d7aae87f702f6a7da3e6adfc54388198a11f228df7cd1c51b421f81cee4d 625180 u-boot-sunxi_2020.10+dfsg-1ubuntu0~18.04.3_arm64.deb 0bb648fad8a09778d5000ad5ed9cd81b17cbe156481152ad0a2ba12edfdd1dfc 261736 u-boot-tegra_2020.10+dfsg-1ubuntu0~18.04.3_arm64.deb 7d9cca1521abaecc1372c8e0418e4de5b999fddb305e14f18f5ccfe0b9df76f3 139712 u-boot-tools_2020.10+dfsg-1ubuntu0~18.04.3_arm64.deb 7b899d36540b71b74b7d7ebaec1b4be918219b95936bb0fb026f42cb4bb0d5b0 8589 u-boot_2020.10+dfsg-1ubuntu0~18.04.3_arm64.buildinfo Files: d05950490990f7b88a9f6607e52f7991 488212 admin optional u-boot-amlogic_2020.10+dfsg-1ubuntu0~18.04.3_arm64.deb 8d2a68046a0b64b143440e638d9515d1 289196 admin optional u-boot-mvebu_2020.10+dfsg-1ubuntu0~18.04.3_arm64.deb eb5808b48b12d1fb5544999aa36a7d43 303228 admin optional u-boot-qcom_2020.10+dfsg-1ubuntu0~18.04.3_arm64.deb 5242ddf13c7283cdc98e693b8582b288 772824 admin optional u-boot-rockchip_2020.10+dfsg-1ubuntu0~18.04.3_arm64.deb e1a8e0d5d4d13a83f46eaa4e86c4f588 343484 admin optional u-boot-rpi_2020.10+dfsg-1ubuntu0~18.04.3_arm64.deb f4ceb802c54dd1793f7687dba2f23c2f 625180 admin optional u-boot-sunxi_2020.10+dfsg-1ubuntu0~18.04.3_arm64.deb 7094acb3af1bc80ea7507adb13cbfed1 261736 admin optional u-boot-tegra_2020.10+dfsg-1ubuntu0~18.04.3_arm64.deb 6b7298d6a04dbb49e181a78ca7b02def 139712 admin optional u-boot-tools_2020.10+dfsg-1ubuntu0~18.04.3_arm64.deb a80c8a881d54e519ed67ab29a81b07b6 8589 admin optional u-boot_2020.10+dfsg-1ubuntu0~18.04.3_arm64.buildinfo Original-Maintainer: Vagrant Cascadian