Download
| Alert*
oval:org.secpod.oval:def:127371
Initial UEFI bootloader that handles chaining to a trusted full bootloader under secure boot environments. oval:org.secpod.oval:def:509197 The shim package contains a first-stage UEFI boot loader that handles chaining to a trusted full boot loader under secure boot environments. Security Fix: shim: RCE in http boot support may lead to Secure Boot bypass shim: Interger overflow leads to heap buffer overflow in verify_sbat_section on 32 ... oval:org.secpod.oval:def:89051794 This update for shim fixes the following issues: * Update shim-install to set the TPM2 SRK algorithm * Limit the requirement of fde-tpm-helper-macros to the distro with suse_version 1600 and above Update to version 15.8: Security issues fixed: * mok: fix LogError invocation * avoid incorrectly tr ... oval:org.secpod.oval:def:2600631 The shim package contains a first-stage UEFI boot loader that handles chaining oval:org.secpod.oval:def:127370 Initial UEFI bootloader that handles chaining to a trusted full bootloader under secure boot environments. This package contains the version signed by the UEFI signing service. oval:org.secpod.oval:def:509203 The shim package contains a first-stage UEFI boot loader that handles chaining to a trusted full boot loader under secure boot environments. Security Fix: shim: RCE in http boot support may lead to Secure Boot bypass shim: Interger overflow leads to heap buffer overflow in verify_sbat_section on 32 ... oval:org.secpod.oval:def:1507481 [15.8-1.0.3] - Update shimx64.efi and shimaa64.efi v15.8 signed by Microsoft [Orabug: 36072879] - Update shim fb and mm binaries to match unsigned releases [Orabug: 36072879] [15.8-1.0.2] - Use binaries with correct shim.ol generation [Orabug: 36072879] - Set SBAT_AUTOMATIC_DATE=2021030218 [Orabug: ... oval:org.secpod.oval:def:97852 An issue was discovered in Dnsmasq through 15.7-1. A remote code execution vulnerability was found in Shim. The Shim boot support trusts attacker-controlled values when parsing an HTTP response. This flaw allows an attacker to craft a specific malicious HTTP request, leading to a completely controll ... oval:org.secpod.oval:def:509213 The shim package contains a first-stage UEFI boot loader that handles chaining to a trusted full boot loader under secure boot environments. Security Fix: shim: RCE in http boot support may lead to Secure Boot bypass shim: Interger overflow leads to heap buffer overflow in verify_sbat_section on 32 ... oval:org.secpod.oval:def:97853 A remote code execution vulnerability was found in Shim. The Shim boot support trusts attacker-controlled values when parsing an HTTP response. This flaw allows an attacker to craft a specific malicious HTTP request, leading to a completely controlled out-of-bounds write primitive and complete syste ... oval:org.secpod.oval:def:1507495 [15.8-4.0.1] - Add support for Oracle signed shim [Orabug: 36540084] - Add shim binaries signed with Oracle Secure Boot Signing [Orabug: 36540084] [15.8-1.0.3] - Update shimx64.efi, shimia32.efi and shimaa64.efi v15.8 signed by Microsoft [Orabug: 36072863] [15.8-1.0.2] - Use binaries with correct s ... oval:org.secpod.oval:def:1507497 shim [- 15.8-2.0.3.el7] - Set shim.ol sbat generation to 3 [Orabug: 36271343] [- 15.8-2.0.1.el7] - Set SBAT_AUTOMATIC_DATE to 2021030218 [Orabug: 36271343] - Rebuild with Oracle certificates [Orabug: 36271343] - Full list of fixed CVEs: CVE-2023-40546, CVE-2023-40547, CVE-2023-40548, CVE-2023-40549, ... oval:org.secpod.oval:def:127369 Initial UEFI bootloader that handles chaining to a trusted full bootloader under secure boot environments. oval:org.secpod.oval:def:2501391 The shim package contains a first-stage UEFI boot loader that handles chaining oval:org.secpod.oval:def:1702162 A remote code execution vulnerability was found in Shim. The Shim boot support trusts attacker-controlled values when parsing an HTTP response. This flaw allows an attacker to craft a specific malicious HTTP request, leading to a completely controlled out-of-bounds write primitive and complete syste ... |