ELSA-2024-23120

ELSA-2024-23120 - edk2 security update

Type:	SECURITY
Impact:	IMPORTANT
Release Date:	2024-06-03

Description

* Tue Feb 27 2024 Aaron Young
- Create new 20240227 release for OL9 which includes the following fixed CVEs:
{CVE-2023-45229} {CVE-2023-45230} {CVE-2023-45231} {CVE-2023-45232} {CVE-2023-45233} {CVE-2023-45234} {CVE-2023-45235} {CVE-2022-36763} {CVE-2022-36764} {CVE-2022-36765}
- Update to OpenSSL 3.0.10 which includes the following fixed CVEs:
{CVE-2023-2975} {CVE-2023-1255} {CVE-2023-0401} {CVE-2023-0217} {CVE-2023-0216} {CVE-2023-0215} {CVE-2022-4203} {CVE-2022-3996} {CVE-2022-3602} {CVE-2022-3786} {CVE-2022-3358} {CVE-2022-2274} {CVE-2022-1473} {CVE-2022-1434} {CVE-2022-1343} {CVE-2021-4044} {CVE-2021-23839}

* Tue Aug 22 2023 Aaron Young
- Create new 20230822.cvm release for OL9

Related CVEs

CVE-2023-45231

CVE-2022-36763

CVE-2023-45230

CVE-2022-36765

CVE-2022-36764

CVE-2023-45229

CVE-2023-45232

CVE-2023-45234

CVE-2023-45233

CVE-2023-45235

Updated Packages

Release/Architecture	Filename	sha256	Superseded By Advisory	Channel Label
Oracle Linux 9 (aarch64)	edk2-20240227-5.el9.src.rpm	251d0211f620b3ca2d970fe55d50b336ed08b5f51572f891c32310d59c91c99c	-	ol9_aarch64_developer_kvm_utils
	edk2-20240227-5.el9.src.rpm	251d0211f620b3ca2d970fe55d50b336ed08b5f51572f891c32310d59c91c99c	-	ol9_aarch64_kvm_utils
	edk2-tools-20240227-5.el9.aarch64.rpm	1f658823fc21ce8f509ccfb99a363cb49b39aed3721fb86cf8ed73506089b765	-	ol9_aarch64_developer_kvm_utils
Oracle Linux 9 (x86_64)	edk2-20240227-5.el9.src.rpm	251d0211f620b3ca2d970fe55d50b336ed08b5f51572f891c32310d59c91c99c	-	ol9_x86_64_developer_kvm_utils
	edk2-20240227-5.el9.src.rpm	251d0211f620b3ca2d970fe55d50b336ed08b5f51572f891c32310d59c91c99c	-	ol9_x86_64_kvm_utils
	edk2-tools-20240227-5.el9.x86_64.rpm	2b453294a6e078ec751cd464d5cce6fde3e2a4ce53bcdb497d14630e87420798	-	ol9_x86_64_developer_kvm_utils

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team