ELSA-2019-4668

ELSA-2019-4668 - edk2 security update

Type:SECURITY
Severity:IMPORTANT
Release Date:2019-06-06

Description


[1:1.2-5.el7]
- Update spec file to remove 'modprobe kvm-intel' and remove --enable-kvm arg to ovmf_vars_generator so qemu will not require kvm kernel module. (Aaron Young)
- Update spec file to modprobe kvm_intel module prior to running qemu to enroll default keys. (Aaron Young)
- Enroll Oracle cert/key for OL secureboot support. (Aaron Young)

[1:1.2-2.el7]
- Change Image.c image load error to DEBUG_WARN from DEBUG_ERROR since it is normal for some images to fail to load if the associated hardware is not present. Such is the case with Ramfb. (Aaron Young) [Orabug: 28868674]
- Fix AAVMF build. Pull in OpenSSL code (as is done for x86_64) (Aaron Young)
- Update AAVMF change log for version 1.2 (Aaron Young)

[1:1.2-1.el7]
- Update spec files and OVMF change log to version 1.2


Related CVEs


CVE-2017-5715
CVE-2017-5753
CVE-2018-12180
CVE-2017-5731
CVE-2017-5732
CVE-2017-5733
CVE-2017-5734
CVE-2017-5735
CVE-2018-12178
CVE-2018-12181
CVE-2018-3630

Updated Packages


Release/ArchitectureFilenameMD5sumSuperseded By Advisory
Oracle Linux 7 (aarch64) edk2-1.2-5.el7.src.rpm3fec915fc83be5373cec3887a64f4587ELSA-2020-5861
AAVMF-1.2-5.el7.noarch.rpmbf98a17b5d17b67a0e31e01f55df7d18ELSA-2020-5861
Oracle Linux 7 (x86_64) edk2-1.2-5.el7.src.rpm3fec915fc83be5373cec3887a64f4587ELSA-2020-5861



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete