fwupd security and bug fix update

2023-05-1500:00:00

linux.oracle.com

6.7 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:S/C:P/I:N/A:N

0.001 Low

EPSS

Percentile

26.2%

JSON

[1.8.10-2.0.1]

Drop pesign.service restart in postun [Orabug: 34760075]
Update signing certificate [JIRA: OLDIS-16371]
Rebuild for SecureBoot signatures [Orabug: 33801813]
Build with the updated Oracle certificate
Use oraclesecureboot301 as certdir [Orabug: 29881368]
Use new signing certificate (Alex Burmashev)
Update SBAT data to include Oracle [Oracle: 33072886]
[1.8.10-2]
Rebuild because distrobaker did entirely the wrong thing.
Resolves: rhbz#2128384, needed for rhbz#2119436 and rhbz#2128384
[1.8.10-1]
Rebase to latest upstream release to fix multiple ESP detection problems
Resolves: rhbz#2128384, needed for rhbz#2119436 and rhbz#2128384
[1.7.10-1]
New upstream release
Resolves: rhbz#2129280
[1.7.9-2]
Include the new dbx updates on the filesystem; clients typically do not have LVFS enabled.
Resolves: rhbz#2120708
[1.7.8-1]
New upstream release
Resolves: rhbz#2059075
[1.7.4-3]
Disable the Logitech bulkcontroller plugin to avoid adding a dep to protobuf-c
which lives in AppStream, not BaseOS.
Use the efi_vendor variable from EFI-RPM
Resolves: rhbz#2064904
[1.7.4-1]
New upstream release
Backport Fedora 34 changes
Include support for Lenovo TBT4 Docking stations
Do not cause systemd-modules-load failures
Build against a new enough pesign
Resolves: rhbz#2007520
[1.7.1-1]
New upstream release
Backport Fedora 34 changes
Include support for Dell TBT4 Docking stations
Resolves: rhbz#1974347
Resolves: rhbz#1991426
[1.5.9-4]
Rebuilt to use redhatsecureboot503 signatures
Undo last Fedora sync to use the RHEL-specific patches
Resolves: rhbz#2007520
[1.5.9-3]
Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
Related: rhbz#1991688
[1.5.9-2]
Rebuilt for RHEL 9 BETA for openssl 3.0
Related: rhbz#1971065
[1.5.9-1]
Rebase to include the SBAT metadata section to allow fixing BootHole
Resolves: rhbz#1951030
[1.5.5-4]
Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937
[1.5.5-3]
Backport a patch from master to drop the python3-pillow dep
Resolves: rhbz#1935838

OSVersionArchitecturePackageVersionFilename
oracle linux9srcfwupd< 1.8.10-2.0.1.el9fwupd-1.8.10-2.0.1.el9.src.rpm
oracle linux9aarch64fwupd< 1.8.10-2.0.1.el9fwupd-1.8.10-2.0.1.el9.aarch64.rpm
oracle linux9aarch64fwupd-devel< 1.8.10-2.0.1.el9fwupd-devel-1.8.10-2.0.1.el9.aarch64.rpm
oracle linux9aarch64fwupd-plugin-flashrom< 1.8.10-2.0.1.el9fwupd-plugin-flashrom-1.8.10-2.0.1.el9.aarch64.rpm
oracle linux9srcfwupd< 1.8.10-2.0.1.el9fwupd-1.8.10-2.0.1.el9.src.rpm
oracle linux9x86_64fwupd< 1.8.10-2.0.1.el9fwupd-1.8.10-2.0.1.el9.x86_64.rpm
oracle linux9x86_64fwupd-devel< 1.8.10-2.0.1.el9fwupd-devel-1.8.10-2.0.1.el9.x86_64.rpm
oracle linux9x86_64fwupd-plugin-flashrom< 1.8.10-2.0.1.el9fwupd-plugin-flashrom-1.8.10-2.0.1.el9.x86_64.rpm

OS	Version	Architecture	Package	Version	Filename
oracle linux	9	src	fwupd	< 1.8.10-2.0.1.el9	fwupd-1.8.10-2.0.1.el9.src.rpm
oracle linux	9	aarch64	fwupd	< 1.8.10-2.0.1.el9	fwupd-1.8.10-2.0.1.el9.aarch64.rpm
oracle linux	9	aarch64	fwupd-devel	< 1.8.10-2.0.1.el9	fwupd-devel-1.8.10-2.0.1.el9.aarch64.rpm
oracle linux	9	aarch64	fwupd-plugin-flashrom	< 1.8.10-2.0.1.el9	fwupd-plugin-flashrom-1.8.10-2.0.1.el9.aarch64.rpm
oracle linux	9	src	fwupd	< 1.8.10-2.0.1.el9	fwupd-1.8.10-2.0.1.el9.src.rpm
oracle linux	9	x86_64	fwupd	< 1.8.10-2.0.1.el9	fwupd-1.8.10-2.0.1.el9.x86_64.rpm
oracle linux	9	x86_64	fwupd-devel	< 1.8.10-2.0.1.el9	fwupd-devel-1.8.10-2.0.1.el9.x86_64.rpm
oracle linux	9	x86_64	fwupd-plugin-flashrom	< 1.8.10-2.0.1.el9	fwupd-plugin-flashrom-1.8.10-2.0.1.el9.x86_64.rpm