[Git][security-tracker-team/security-tracker][master] edk update
Moritz Muehlenhoff
jmm at debian.org
Mon Apr 29 22:28:35 BST 2019
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
0b7d789d by Moritz Muehlenhoff at 2019-04-29T21:27:49Z
edk update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -49745,10 +49745,7 @@ CVE-2018-12183 (Stack overflow in DxeCore for EDK II may allow an unauthenticate
[jessie] - edk2 <end-of-life> (non-free)
NOTE: https://github.com/tianocore/edk2/commit/0a0d5296e448fc350de1594c49b9c0deff7fad60
CVE-2018-12182 (Insufficient memory write check in SMM service for EDK II may allow an ...)
- - edk2 <unfixed> (low; bug #927484)
- [buster] - edk2 <no-dsa> (Minor issue)
- [stretch] - edk2 <no-dsa> (Minor issue)
- [jessie] - edk2 <end-of-life> (non-free is not supported)
+ - edk2 <not-affected> (See https://bugzilla.tianocore.org/show_bug.cgi?id=1136#c13)
NOTE: https://bugzilla.tianocore.org/show_bug.cgi?id=1136
CVE-2018-12181 (Stack overflow in corrupted bmp for EDK II may allow unprivileged user ...)
- edk2 0~20181115.85588389-3 (bug #924615)
@@ -49765,10 +49762,9 @@ CVE-2018-12180 (Buffer overflow in BlockIo service for EDK II may allow an unaut
NOTE: https://github.com/tianocore/edk2/commit/38c9fbdcaa0219eb86fe82d90e3f8cfb5a54be9f
NOTE: https://github.com/tianocore/edk2/commit/fccdb88022c1f6d85c773fce506b10c879063f1d
CVE-2018-12179 (Improper configuration in system firmware for EDK II may allow unauthe ...)
- - edk2 <unfixed> (low; bug #927484)
- [stretch] - edk2 <no-dsa> (Minor issue)
- [jessie] - edk2 <end-of-life> (non-free is not supported)
+ - edk2 <unfixed> (unimportant; bug #927484)
NOTE: https://bugzilla.tianocore.org/show_bug.cgi?id=1133
+ NOTE: OpalPassword code is not enabled in Debian images
CVE-2018-12178 (Buffer overflow in network stack for EDK II may allow unprivileged use ...)
- edk2 0~20181115.85588389-3 (bug #924615)
[stretch] - edk2 0~20161202.7bbe0b3e-1+deb9u1
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/0b7d789dd0287fd4f9ce59dcf617558de6d996c8
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/0b7d789dd0287fd4f9ce59dcf617558de6d996c8
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190429/73dfb1b4/attachment.html>
More information about the debian-security-tracker-commits
mailing list