[Git][security-tracker-team/security-tracker][master] edk update

Mon, 29 Apr 2019 14:28:48 -0700 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
0b7d789d by Moritz Muehlenhoff at 2019-04-29T21:27:49Z
edk update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -49745,10 +49745,7 @@ CVE-2018-12183 (Stack overflow in DxeCore for EDK II 
may allow an unauthenticate
        [jessie] - edk2 <end-of-life> (non-free)
        NOTE: 
https://github.com/tianocore/edk2/commit/0a0d5296e448fc350de1594c49b9c0deff7fad60
 CVE-2018-12182 (Insufficient memory write check in SMM service for EDK II may 
allow an ...)
-       - edk2 <unfixed> (low; bug #927484)
-       [buster] - edk2 <no-dsa> (Minor issue)
-       [stretch] - edk2 <no-dsa> (Minor issue)
-       [jessie] - edk2 <end-of-life> (non-free is not supported)
+       - edk2 <not-affected> (See 
https://bugzilla.tianocore.org/show_bug.cgi?id=1136#c13)
        NOTE: https://bugzilla.tianocore.org/show_bug.cgi?id=1136
 CVE-2018-12181 (Stack overflow in corrupted bmp for EDK II may allow 
unprivileged user ...)
        - edk2 0~20181115.85588389-3 (bug #924615)
@@ -49765,10 +49762,9 @@ CVE-2018-12180 (Buffer overflow in BlockIo service for 
EDK II may allow an unaut
        NOTE: 
https://github.com/tianocore/edk2/commit/38c9fbdcaa0219eb86fe82d90e3f8cfb5a54be9f
        NOTE: 
https://github.com/tianocore/edk2/commit/fccdb88022c1f6d85c773fce506b10c879063f1d
 CVE-2018-12179 (Improper configuration in system firmware for EDK II may allow 
unauthe ...)
-       - edk2 <unfixed> (low; bug #927484)
-       [stretch] - edk2 <no-dsa> (Minor issue)
-       [jessie] - edk2 <end-of-life> (non-free is not supported)
+       - edk2 <unfixed> (unimportant; bug #927484)
        NOTE: https://bugzilla.tianocore.org/show_bug.cgi?id=1133
+       NOTE: OpalPassword code is not enabled in Debian images
 CVE-2018-12178 (Buffer overflow in network stack for EDK II may allow 
unprivileged use ...)
        - edk2 0~20181115.85588389-3 (bug #924615)
        [stretch] - edk2 0~20161202.7bbe0b3e-1+deb9u1



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/0b7d789dd0287fd4f9ce59dcf617558de6d996c8

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/0b7d789dd0287fd4f9ce59dcf617558de6d996c8
You're receiving this email because of your account on salsa.debian.org.


_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to