edk2 2023.11-6 source package in Ubuntu
Changelog
edk2 (2023.11-6) unstable; urgency=medium
* Cherry-pick security fixes from upstream:
- Fix a buffer overflow via a long server ID option in DHCPv6
client, CVE-2023-45230:
+ 0001-NetworkPkg-Dhcp6Dxe-SECURITY-PATCH-CVE-2023-45230-Pa.patch
+ 0002-NetworkPkg-Add-Unit-tests-to-CI-and-create-Host-Test.patch
+ 0003-NetworkPkg-Dhcp6Dxe-SECURITY-PATCH-CVE-2023-45230-Un.patch
- Fix an out-of-bounds read vulnerability when processing the IA_NA
or IA_TA option in a DHCPv6 Advertise message, CVE-2023-45229:
+ 0004-NetworkPkg-Dhcp6Dxe-SECURITY-PATCH-CVE-2023-45229-Pa.patch
+ 0005-NetworkPkg-Dhcp6Dxe-SECURITY-PATCH-CVE-2023-45229-Un.patch
- Fix an out-of-bounds read when processing Neighbor Discovery
Redirect messages, CVE-2023-45231:
+ 0006-NetworkPkg-Ip6Dxe-SECURITY-PATCH-CVE-2023-45231-Patc.patch
+ 0007-NetworkPkg-Ip6Dxe-SECURITY-PATCH-CVE-2023-45231-Unit.patch
- Avoid an infinite loop when parsing unknown options in the
Destination Options header of IPv6, CVE-2023-45232:
+ 0008-NetworkPkg-Ip6Dxe-SECURITY-PATCH-CVE-2023-45232-Patc.patch
+ 0009-NetworkPkg-Ip6Dxe-SECURITY-PATCH-CVE-2023-45232-Unit.patch
- Avoid an infinite loop when parsing a PadN option in the
Destination Options header of IPv6, CVE-2023-45233:
+ 0010-NetworkPkg-UefiPxeBcDxe-SECURITY-PATCH-CVE-2023-4523.patch
+ 0011-NetworkPkg-UefiPxeBcDxe-SECURITY-PATCH-CVE-2023-4523.patch
- Fix a potential buffer overflow when processing a DNS Servers
option from a DHCPv6 Advertise message, CVE-2023-45234:
+ 0013-NetworkPkg-UefiPxeBcDxe-SECURITY-PATCH-CVE-2023-4523.patch
- Fix a potential buffer overflow when handling a Server ID option
from a DHCPv6 proxy Advertise message, CVE-2023-45235:
+ 0012-MdePkg-Test-Add-gRT_GetTime-Google-Test-Mock.patch
+ 0014-NetworkPkg-UefiPxeBcDxe-SECURITY-PATCH-CVE-2023-4523.patch
- Record fixes in a SecurityFix.yaml file:
+ 0015-NetworkPkg-Adds-a-SecurityFix.yaml-file.patch
-- dann frazier <email address hidden> Sat, 10 Feb 2024 14:02:37 -0700
Upload details
- Uploaded by:
- Debian QEMU Team
- Uploaded to:
- Sid
- Original maintainer:
- Debian QEMU Team
- Architectures:
- all
- Section:
- misc
- Urgency:
- Medium Urgency
See full publishing history Publishing
| Series | Published | Component | Section |
|---|
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| edk2_2023.11-6.dsc | 3.0 KiB | 10e38ea1ba032b86e3e7d52c15594cb63a0788e205f0d388a768c30734f53d6c |
| edk2_2023.11.orig.tar.xz | 23.9 MiB | 7a06a495fa0f087406b43e3b2622e47e7ad4d25e55ec7fd64ba27a2295cca17d |
| edk2_2023.11-6.debian.tar.xz | 77.6 KiB | e77c559a2c091524fd217e040961e4b1fbe7cb2a6c0ae03482276c792369b231 |
Available diffs
- diff from 2023.11-5 to 2023.11-6 (34.8 KiB)
No changes file available.
Binary packages built by this source
- efi-shell-aa64: UEFI Shell for 64-bit ARM architecture
The UEFI Shell provides a command line interface running on top of the EFI API.
It can be used to execute EFI binaries, to manage EFI variables and boot
options, or to display details of installed devices, drivers, and protocols.
This package contains the shellaa64.efi binary for the 64-bit ARM
architecture.
- efi-shell-arm: UEFI Shell for 32-bit ARM architecture
The UEFI Shell provides a command line interface running on top of the EFI API.
It can be used to execute EFI binaries, to manage EFI variables and boot
options, or to display details of installed devices, drivers, and protocols.
This package contains the shellarm.efi binary for the 32-bit ARM
architecture.
- efi-shell-ia32: UEFI Shell for 32-bit x86 architecture
The UEFI Shell provides a command line interface running on top of the EFI API.
It can be used to execute EFI binaries, to manage EFI variables and boot
options, or to display details of installed devices, drivers, and protocols.
This package contains the shellia32.efi binary for the a 32-bit x86
architecture.
- efi-shell-riscv64: UEFI Shell for 64-bit RISC-V architecture
The UEFI Shell provides a command line interface running on top of the EFI API.
It can be used to execute EFI binaries, to manage EFI variables and boot
options, or to display details of installed devices, drivers, and protocols.
This package contains the shellriscv64.efi binary for the 64-bit RISC-V
architecture.
- efi-shell-x64: UEFI Shell for 64-bit x86 architecture
The UEFI Shell provides a command line interface running on top of the EFI API.
It can be used to execute EFI binaries, to manage EFI variables and boot
options, or to display details of installed devices, drivers, and protocols.
This package contains the shellx64.efi binary for the 64-bit x86
architecture.
- ovmf: UEFI firmware for 64-bit x86 virtual machines
Open Virtual Machine Firmware is a build of EDK II for 64-bit x86 virtual
machines. It includes full support for UEFI, including Secure Boot, allowing
use of UEFI in place of a traditional BIOS in your VM.
- ovmf-ia32: UEFI firmware for 32-bit x86 virtual machines
Open Virtual Machine Firmware is a build of EDK II for 32-bit x86 virtual
machines. It includes full support for UEFI, including Secure Boot, allowing
use of UEFI in place of a traditional BIOS in your VM.
- qemu-efi-aarch64: UEFI firmware for 64-bit ARM virtual machines
qemu-efi-aarch64 is a build of EDK II for 64-bit ARM virtual machines. It
includes full support for UEFI, including Secure Boot.
- qemu-efi-arm: UEFI firmware for 32-bit ARM virtual machines
qemu-efi-arm is a build of EDK II for 32-bit ARM virtual machines. It
includes full support for UEFI, including Secure Boot.
- qemu-efi-riscv64: UEFI firmware for RISCV64 virtual machines
qemu-efi-riscv64 is a build of EDK II for RISCV64 virtual machines.
