ELSA-2023-32790

ELSA-2023-32790 - edk2 security update

Type:	SECURITY
Impact:	IMPORTANT
Release Date:	2023-12-07

Description

[20230821]
- Create new 20230821 release for OL9 which includes the following fixed CVEs:
CVE-2019-14560
- Update to OpenSSL 1.1.1v which includes the following fixed CVEs:
CVE-2023-3817 CVE-2023-3446 CVE-2023-2650 CVE-2023-0465 CVE-2023-0466 CVE-2023-0464 CVE-2023-0286 CVE-2023-0215 CVE-2022-4450 CVE-2022-4304 CVE-2022-2097 CVE-2022-2068 CVE-2022-1292 CVE-2022-0778 CVE-2021-4160 CVE-2021-3712 CVE-2021-3711 CVE-2021-3450 CVE-2021-3449 CVE-2021-23841 CVE-2021-23840 CVE-2020-1971 CVE-2020-1967 CVE-2019-1551 CVE-2019-1563 CVE-2019-1549 CVE-2019-1547 CVE-2019-1552 CVE-2019-1543 CVE-2018-0734 CVE-2018-0735

[20230613]
- Create new 20230613.cvm release for OL9

[20230227]
- Create new 20230227.cvm release for OL9 which includes the following fixed CVEs:
CVE-2021-38578

Related CVEs

CVE-2022-4450

CVE-2023-0215

CVE-2023-0286

CVE-2022-4304

Updated Packages

Release/Architecture	Filename	sha256	Superseded By Advisory	Channel Label
Oracle Linux 9 (aarch64)	edk2-20230821-1.el9.src.rpm	b7b1dabdd6254cd3cd188c257335a04f731d59ab5e067843180e49b00abff949	-	ol9_aarch64_developer_kvm_utils
	edk2-20230821-1.el9.src.rpm	b7b1dabdd6254cd3cd188c257335a04f731d59ab5e067843180e49b00abff949	-	ol9_aarch64_kvm_utils
	edk2-tools-20230821-1.el9.aarch64.rpm	e1f19ed58f6ad82eba1d808c084658a253577430c3618fdcdff7919bb337830e	-	ol9_aarch64_developer_kvm_utils
Oracle Linux 9 (x86_64)	edk2-20230821-1.el9.src.rpm	b7b1dabdd6254cd3cd188c257335a04f731d59ab5e067843180e49b00abff949	-	ol9_x86_64_developer_kvm_utils
	edk2-20230821-1.el9.src.rpm	b7b1dabdd6254cd3cd188c257335a04f731d59ab5e067843180e49b00abff949	-	ol9_x86_64_kvm_utils
	edk2-tools-20230821-1.el9.x86_64.rpm	65235b733efa93c43f96903b9a8d64cafaa810c663344e4dcea42380c9ebfeaa	-	ol9_x86_64_developer_kvm_utils

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team