[SECURITY] Fedora 39 Update: edk2-20240214-2.fc39

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2024-a9dead34c5 2024-03-13 01:22:43.440810 -------------------------------------------------------------------------------- Name : edk2 Product : Fedora 39 Version : 20240214 Release : 2.fc39 URL : http://www.tianocore.org Summary : UEFI firmware for 64-bit virtual machines Description : EDK II is a modern, feature-rich, cross-platform firmware development environment for the UEFI and PI specifications. This package contains sample 64-bit UEFI firmware builds for QEMU and KVM. -------------------------------------------------------------------------------- Update Information: update to edk2-stable202402 -------------------------------------------------------------------------------- ChangeLog: * Mon Feb 26 2024 Gerd Hoffmann <kraxel(a)redhat.com&gt; - 20240214-2 - switch pcr predition to systemd-pcrlock format * Mon Feb 26 2024 Gerd Hoffmann <kraxel(a)redhat.com&gt; - 20240214-1 - update to edk2-stable202402 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2257587 - CVE-2022-36764 edk2: heap buffer overflow in Tcg2MeasurePeImage() [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2257587 [ 2 ] Bug #2257588 - CVE-2022-36763 edk2: heap buffer overflow in Tcg2MeasureGptTable() [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2257588 [ 3 ] Bug #2257589 - CVE-2022-36765 edk2: integer overflow in CreateHob() could lead to HOB OOB R/W [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2257589 [ 4 ] Bug #2258679 - CVE-2023-4522 edk2: Integer underflow when processing IA_NA/IA_TA options in a DHCPv6 Advertise message [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2258679 [ 5 ] Bug #2258687 - CVE-2023-45230 edk2: Buffer overflow in the DHCPv6 client via a long Server ID option [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2258687 [ 6 ] Bug #2258690 - CVE-2023-45231 edk2: Out of Bounds read when handling a ND Redirect message with truncated options [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2258690 [ 7 ] Bug #2258693 - CVE-2023-45232 edk2: Infinite loop when parsing unknown options in the Destination Options header [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2258693 [ 8 ] Bug #2258696 - CVE-2023-45233 edk2: Infinite loop when parsing a PadN option in the Destination Options header [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2258696 [ 9 ] Bug #2258699 - CVE-2023-45234 edk2: Buffer overflow when processing DNS Servers option in a DHCPv6 Advertise message [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2258699 [ 10 ] Bug #2258701 - CVE-2023-45235 edk2: Buffer overflow when handling Server ID option from a DHCPv6 proxy Advertise message [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2258701 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2024-a9dead34c5' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------