Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
oraclelinuxOracleLinuxELSA-2020-4436
HistoryNov 10, 2020 - 12:00 a.m.

gnome-software and fwupd security, bug fix, and enhancement update

2020-11-1000:00:00
linux.oracle.com
48

8.2 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

4.6 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

JSON

appstream-data
[8-20200724]

  • Regenerate the RHEL metadata to include the EPEL apps too
  • Resolves: #1844488
    [8-20200630]
  • Regenerate the RHEL metadata
  • Resolves: #1844488
    fwupd
    [1.4.2-4.0.1]
  • Build with the updated Oracle certificate
  • Use oraclesecureboot301 as certdir [Orabug: 29881368]
  • Use new signing certificate (Alex Burmashev)
    [1.4.2-4]
  • Add signing with redhatsecureboot503 cert
    Related: CVE-2020-10713
    [1.4.2-3]
  • Obsolete the now-dead fwupdate package to prevent file conflicts
  • Resolves: #1859202
    [1.4.2-2]
  • Security fix for CVE-2020-10759
  • Resolves: #1844324
    [1.4.2-1]
  • New upstream release
  • Backport a patch to fix the synaptics fingerprint reader update.
  • Resolves: #1775277
    [1.4.1-1]
  • New upstream release
  • Resolves: #1775277
    gnome-software
    [3.36.1-4]
  • Fix ‘Show Details’ to correctly work for rpm-installed firefox
  • Resolves: #1845714
    [3.36.1-3]
  • Upload correct 3.36.1 tarball
  • Fix hardcoded desktop and appdata names to match whats in RHEL 8.3
  • Add back shell extensions support
  • Resolves: #1839774
    [3.36.1-2]
  • Add support for basic auth and webflow auth in flatpak plugin
  • Resolves: #1815502
    [3.36.1-1]
  • Update to 3.36.1
  • Resolves: #1797932
    libxmlb
    [0.1.15-1]
  • Initial release for RHEL
OSVersionArchitecturePackageVersionFilename
oracle linux8srcappstream-data< 8-20200724.el8appstream-data-8-20200724.el8.src.rpm
oracle linux8srcfwupd< 1.4.2-4.0.1.el8fwupd-1.4.2-4.0.1.el8.src.rpm
oracle linux8srcgnome-software< 3.36.1-4.el8gnome-software-3.36.1-4.el8.src.rpm
oracle linux8srclibxmlb< 0.1.15-1.el8libxmlb-0.1.15-1.el8.src.rpm
oracle linux8noarchappstream-data< 8-20200724.el8appstream-data-8-20200724.el8.noarch.rpm
oracle linux8aarch64fwupd< 1.4.2-4.0.1.el8fwupd-1.4.2-4.0.1.el8.aarch64.rpm
oracle linux8aarch64gnome-software< 3.36.1-4.el8gnome-software-3.36.1-4.el8.aarch64.rpm
oracle linux8aarch64libxmlb< 0.1.15-1.el8libxmlb-0.1.15-1.el8.aarch64.rpm
oracle linux8srcappstream-data< 8-20200724.el8appstream-data-8-20200724.el8.src.rpm
oracle linux8srcfwupd< 1.4.2-4.0.1.el8fwupd-1.4.2-4.0.1.el8.src.rpm
Rows per page:
1-10 of 171

Related

nessus 64
suse 4
gentoo 2
almalinux 1
openvas 41
osv 5
ubuntu 3
prion 2
githubexploit 2
cve 2
redhat 22
ubuntucve 2
fedora 4
archlinux 1
redhatcve 2
veracode 2
rocky 1
debiancve 2
mageia 2
debian 2
lenovo 2
cisa 1
alpinelinux 1
checkpoint_security 1
f5 1
cert 1
cbl_mariner 2
ibm 3
thn 1
huawei 1
cisco 1
attackerkb 1
threatpost 1
oraclelinux 5
centos 2
photon 5
qualysblog 1
hp 1
redos 1
mscve 1
nessus
nessus
AlmaLinux 8 : gnome-software and fwupd (ALSA-2020:4436)
2022-02-09 00:00:00
Debian DLA-2274-1 : fwupd security update
2020-07-10 00:00:00
CentOS 8 : gnome-software and fwupd (CESA-2020:4436)
2021-02-01 00:00:00
suse
suse
Security update for fwupd (important)
2020-06-23 00:00:00
Security update for fwupd (important)
2021-04-09 00:00:00
Security update for grub2 (important)
2020-08-08 00:00:00
gentoo
gentoo
fwupd, libjcat: Multiple vulnerabilities
2020-07-26 00:00:00
GRUB: Multiple vulnerabilities
2021-04-30 00:00:00
almalinux
almalinux
Low: gnome-software and fwupd security, bug fix, and enhancement update
2020-11-03 12:04:30
openvas
openvas
Mageia: Security Advisory (MGASA-2021-0158)
2022-01-28 00:00:00
SUSE: Security Advisory (SUSE-SU-2020:1681-1)
2021-06-09 00:00:00
Fedora: Security Advisory for libjcat (FEDORA-2020-eec60309f2)
2020-06-23 00:00:00
osv
osv
Low: gnome-software and fwupd security, bug fix, and enhancement update
2020-11-03 12:04:30
Low: gnome-software and fwupd security, bug fix, and enhancement update
2020-11-03 12:04:30
fwupd - security update
2020-07-09 00:00:00
ubuntu
ubuntu
fwupd vulnerability
2020-06-15 00:00:00
GRUB 2 vulnerabilities
2020-07-29 00:00:00
GRUB2 regression
2020-08-04 00:00:00
prion
prion
Design/Logic Flaw
2020-09-15 19:15:00
Buffer overflow
2020-07-30 13:15:00
githubexploit
githubexploit
Exploit for Improper Verification of Cryptographic Signature in Redhat Enterprise Linux
2020-06-06 04:44:38
Exploit for Classic Buffer Overflow in Gnu Grub2
2020-07-29 00:01:41
cve
cve
CVE-2020-10759
2020-09-15 19:15:00
CVE-2020-10713
2020-07-30 13:15:00
redhat
redhat
(RHSA-2020:4436) Low: gnome-software and fwupd security, bug fix, and enhancement update
2020-11-03 12:04:30
(RHSA-2020:4172) Important: Red Hat Virtualization security, bug fix, and enhancement update
2020-10-05 12:59:40
(RHSA-2020:4115) Important: redhat-release-virtualization-host and redhat-virtualization-host security update
2020-09-30 09:07:09
ubuntucve
ubuntucve
CVE-2020-10759
2020-06-09 00:00:00
CVE-2020-10713
2020-07-29 00:00:00
fedora
fedora
[SECURITY] Fedora 31 Update: fwupd-1.3.10-1.fc31
2020-06-26 01:08:05
[SECURITY] Fedora 32 Update: libjcat-0.1.2-2.fc32
2020-06-16 01:31:13
[SECURITY] Fedora 31 Update: grub2-2.02-110.fc31
2020-09-27 01:05:37
archlinux
archlinux
[ASA-202007-6] libjcat: insufficient validation
2020-07-31 00:00:00
redhatcve
redhatcve
CVE-2020-10759
2020-06-05 05:24:25
CVE-2020-10713
2022-05-14 11:41:20
veracode
veracode
Signature Verification Bypass
2020-06-11 08:13:51
Arbitrary Code Execution
2020-07-30 02:02:32
rocky
rocky
gnome-software and fwupd security, bug fix, and enhancement update
2020-11-03 12:04:30
debiancve
debiancve
CVE-2020-10759
2020-09-15 19:15:00
CVE-2020-10713
2020-07-30 13:15:00
mageia
mageia
Updated fwupd packages fix a security vulnerability
2021-03-30 23:08:49
Updated grub2 packages fix security vulnerabilities
2021-07-09 01:43:19
debian
debian
[SECURITY] [DLA 2274-1] fwupd security update
2020-07-09 09:36:40
[SECURITY] [DSA 4735-1] grub2 security update
2020-07-29 16:59:52
lenovo
lenovo
GRUB2 Vulnerability – AKA
2020-07-30 15:15:08
GRUB2 Vulnerability – AKA
2020-07-30 15:15:08
cisa
cisa
GNU GRUB2 Vulnerability
2020-07-30 00:00:00
alpinelinux
alpinelinux
CVE-2020-10713
2020-07-30 13:15:00
checkpoint_security
checkpoint_security
Check Point response to CVE-2020-10713 (GRUB2 bootloader is vulnerable to buffer overflow)
2020-08-02 22:52:23
f5
f5
K42232641 : GRUB2 vulnerability CVE-2020-10713
2020-08-07 00:00:00
cert
cert
GRUB2 bootloader is vulnerable to buffer overflow
2020-07-29 00:00:00
cbl_mariner
cbl_mariner
CVE-2020-10713 affecting package grub2 2.06~rc1-7
2022-04-26 20:17:11
CVE-2020-10713 affecting package grub2 2.06~rc1-10
2021-05-06 23:56:52
ibm
ibm
Security Bulletin: Red Hat OpenShift on IBM Cloud is affected by a GNU GRUB2 security vulnerability (CVE-2020-10713)
2020-10-02 15:35:07
Security Bulletin: IBM Cloud Kubernetes Service is affected by a GNU GRUB2 security vulnerability (CVE-2020-10713)
2020-10-02 15:34:42
Security Bulletin: IBM QRadar Network Packet Capture is vulnerable to Using Components with Known Vulnerabilities
2020-10-30 16:18:45
thn
thn
Critical GRUB2 Bootloader Bug Affects Billions of Linux and Windows Systems
2020-07-29 19:13:00
huawei
huawei
Security Advisory - Buffer Overflow Vulnerability BootHole in GRUB2 Secure Boot
2020-09-23 00:00:00
cisco
cisco
GRUB2 Arbitrary Code Execution Vulnerability
2020-08-04 23:00:00
attackerkb
attackerkb
CVE-2020-10713 - BootHole
2020-07-30 00:00:00
threatpost
threatpost
Billions of Devices Impacted by Secure Boot Bypass
2020-07-29 19:53:23
oraclelinux
oraclelinux
kernel security and bug fix update
2020-07-30 00:00:00
kernel security and bug fix update
2020-07-30 00:00:00
grub2 security update
2020-07-29 00:00:00
centos
centos
bpftool, kernel, perf, python security update
2020-07-30 00:08:16
grub2, mokutil, shim security update
2020-07-30 00:08:50
photon
photon
Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2020-1.0-0311
2020-07-30 00:00:00
Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2020-2.0-0267
2020-07-30 00:00:00
Important Photon OS Security Update - PHSA-2020-0120
2020-07-23 00:00:00
qualysblog
qualysblog
GRUB2 Boothole Buffer Overflow Vulnerability (CVE-2020-10713) – Automatically Discover, Prioritize and Remediate Using Qualys VMDR®
2020-08-03 21:35:38
hp
hp
HPSBHF03678 rev. 2 - GRUB2 Bootloader Arbitrary Code Execution
2020-07-25 00:00:00
redos
redos
ROS-20220920-01
2022-09-20 00:00:00
mscve
mscve
Microsoft Guidance for Addressing Security Feature Bypass in GRUB
2020-07-29 07:00:00

8.2 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

4.6 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

JSON
Related for ELSA-2020-4436
nessus64suse4gentoo2almalinux1openvas41osv5ubuntu3prion2githubexploit2cve2redhat22ubuntucve2fedora4archlinux1redhatcve2veracode2rocky1debiancve2mageia2debian2lenovo2cisa1alpinelinux1checkpoint_security1f51cert1cbl_mariner2ibm3thn1huawei1cisco1attackerkb1threatpost1oraclelinux5centos2photon5qualysblog1hp1redos1mscve1