[ubuntu/eoan-updates] edk2 0~20190606.20d2e5a1-2ubuntu1.1 (Accepted)

Ubuntu Archive Robot cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk
Thu Apr 30 19:58:18 UTC 2020


edk2 (0~20190606.20d2e5a1-2ubuntu1.1) eoan; urgency=medium

  * Fix numeric truncation in S3BootScript[Save]*() API. (CVE-2019-14563)
  * Fix use-after-free in PcdHiiOsRuntimeSupport. (CVE-2019-14586)
  * Clear memory before free to avoid potential password leak.
    (CVE-2019-14558)
  * Fix double-unmap in SdMmcCreateTrb(). This did not impact any
    of the images built from this package. (CVE-2019-14587)
  * Fix memory leak in ArpOnFrameRcvdDpc(). (CVE-2019-14559)
  * Fix issue that could allow an efi image with a blacklisted hash in the
    dbx to be loaded. (CVE-2019-14575)
  * Fix a memory leak in the ARP handler. (CVE-2019-14559)

Date: 2020-04-03 21:25:14.633617+00:00
Changed-By: dann frazier <dann.frazier at canonical.com>
Signed-By: Ubuntu Archive Robot <cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk>
https://launchpad.net/ubuntu/+source/edk2/0~20190606.20d2e5a1-2ubuntu1.1
-------------- next part --------------
Sorry, changesfile not available.


More information about the Eoan-changes mailing list