ELSA-2023-13024

ELSA-2023-13024 - edk2 security update

Type:	SECURITY
Impact:	IMPORTANT
Release Date:	2023-12-06

Description

[20230821]
- Create new 20230821 release for OL9 which includes the following fixed CVEs:
CVE-2019-14560
- Update to OpenSSL 1.1.1v which includes the following fixed CVEs:
CVE-2023-3817 CVE-2023-3446 CVE-2023-2650 CVE-2023-0465 CVE-2023-0466 CVE-2023-0464 CVE-2023-0286 CVE-2023-0215 CVE-2022-4450 CVE-2022-4304 CVE-2022-2097 CVE-2022-2068 CVE-2022-1292 CVE-2022-0778 CVE-2021-4160 CVE-2021-3712 CVE-2021-3711 CVE-2021-3450 CVE-2021-3449 CVE-2021-23841 CVE-2021-23840 CVE-2020-1971 CVE-2020-1967 CVE-2019-1551 CVE-2019-1563 CVE-2019-1549 CVE-2019-1547 CVE-2019-1552 CVE-2019-1543 CVE-2018-0734 CVE-2018-0735

[20230613]
- Create new 20230613.cvm release for OL9

[20230227]
- Create new 20230227.cvm release for OL9 which includes the following fixed CVEs:
CVE-2021-38578

Related CVEs

CVE-2023-0215

CVE-2022-4304

CVE-2022-4450

CVE-2023-0286

Updated Packages

Release/Architecture	Filename	sha256	Superseded By Advisory	Channel Label
Oracle Linux 9 (aarch64)	edk2-20230821-1.el9.src.rpm	b7b1dabdd6254cd3cd188c257335a04f731d59ab5e067843180e49b00abff949	-	ol9_aarch64_developer_kvm_utils
	edk2-20230821-1.el9.src.rpm	b7b1dabdd6254cd3cd188c257335a04f731d59ab5e067843180e49b00abff949	-	ol9_aarch64_kvm_utils
	edk2-aarch64-20230821-1.el9.noarch.rpm	bd817469aceac218f667bad4a225bc81c914b6e594ce188d7c2a027adf95bb03	-	ol9_aarch64_kvm_utils
Oracle Linux 9 (x86_64)	edk2-20230821-1.el9.src.rpm	b7b1dabdd6254cd3cd188c257335a04f731d59ab5e067843180e49b00abff949	-	ol9_x86_64_developer_kvm_utils
	edk2-20230821-1.el9.src.rpm	b7b1dabdd6254cd3cd188c257335a04f731d59ab5e067843180e49b00abff949	-	ol9_x86_64_kvm_utils
	edk2-ovmf-20230821-1.el9.noarch.rpm	247b3b8c585bc2d1ad584f7771d12455b7e8445d7ecfaf4d10bfb1c989052322	-	ol9_x86_64_kvm_utils

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team