ELSA-2023-32791

ELSA-2023-32791 - edk2 security update

Type:	SECURITY
Impact:	IMPORTANT
Release Date:	2023-12-06

Description

[20230821]
- Create new 20230821 release for OL8 which includes the following fixed CVEs:
CVE-2019-14560
- Update to OpenSSL 1.1.1v which includes the following fixed CVEs:
CVE-2023-3817 CVE-2023-3446 CVE-2023-2650 CVE-2023-0465 CVE-2023-0466 CVE-2023-0464 CVE-2023-0286 CVE-2023-0215 CVE-2022-4450 CVE-2022-4304 CVE-2022-2097 CVE-2022-2068 CVE-2022-1292 CVE-2022-0778 CVE-2021-4160 CVE-2021-3712 CVE-2021-3711 CVE-2021-3450 CVE-2021-3449 CVE-2021-23841 CVE-2021-23840 CVE-2020-1971 CVE-2020-1967 CVE-2019-1551 CVE-2019-1563 CVE-2019-1549 CVE-2019-1547 CVE-2019-1552 CVE-2019-1543 CVE-2018-0734 CVE-2018-0735

[20230613]
- Create new 20230613.cvm release for OL8

[20230227]
- Create new 20230227.cvm release for OL8 which includes the following fixed CVEs:
CVE-2021-38578

Related CVEs

CVE-2023-0215

CVE-2023-0286

CVE-2022-4450

CVE-2022-4304

Updated Packages

Release/Architecture	Filename	sha256	Superseded By Advisory	Channel Label
Oracle Linux 8 (aarch64)	edk2-20230821-1.el8.src.rpm	de1dcf5b222f5b2fbf246e06843878afac14b6bdbfeb58fe9f3d4bd6d90eb3fc	-	ol8_aarch64_distro_builder
	edk2-20230821-1.el8.src.rpm	de1dcf5b222f5b2fbf246e06843878afac14b6bdbfeb58fe9f3d4bd6d90eb3fc	-	ol8_aarch64_kvm_appstream
	edk2-tools-20230821-1.el8.aarch64.rpm	391404444ddd168c5dcec2312b4839acae9d23fae70cd72f79c1ac720aad75f3	-	ol8_aarch64_distro_builder
Oracle Linux 8 (x86_64)	edk2-20230821-1.el8.src.rpm	de1dcf5b222f5b2fbf246e06843878afac14b6bdbfeb58fe9f3d4bd6d90eb3fc	-	ol8_x86_64_distro_builder
	edk2-20230821-1.el8.src.rpm	de1dcf5b222f5b2fbf246e06843878afac14b6bdbfeb58fe9f3d4bd6d90eb3fc	-	ol8_x86_64_kvm_appstream
	edk2-tools-20230821-1.el8.x86_64.rpm	02fc371a1d1cbdb95dfd20b6f90c1bcc57700f9c7b889420e4c39f60a280b2f1	-	ol8_x86_64_distro_builder

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team