edk2 security update

2024-06-0300:00:00

linux.oracle.com

edk2

security update

fixed cves

openssl 3.0.10

release

CVSS3

8.8

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

6.8

Confidence

Low

EPSS

0.005

Percentile

76.7%

JSON

Tue Feb 27 2024 Aaron Young

Create new 20240227 release for OL9 which includes the following fixed CVEs:
{CVE-2023-45229} {CVE-2023-45230} {CVE-2023-45231} {CVE-2023-45232} {CVE-2023-45233} {CVE-2023-45234} {CVE-2023-45235} {CVE-2022-36763} {CVE-2022-36764} {CVE-2022-36765}
Update to OpenSSL 3.0.10 which includes the following fixed CVEs:
{CVE-2023-2975} {CVE-2023-1255} {CVE-2023-0401} {CVE-2023-0217} {CVE-2023-0216} {CVE-2023-0215} {CVE-2022-4203} {CVE-2022-3996} {CVE-2022-3602} {CVE-2022-3786} {CVE-2022-3358} {CVE-2022-2274} {CVE-2022-1473} {CVE-2022-1434} {CVE-2022-1343} {CVE-2021-4044} {CVE-2021-23839}

Tue Aug 22 2023 Aaron Young

Create new 20230822.cvm release for OL9

OSVersionArchitecturePackageVersionFilename
oracle linux9srcedk2< 20240227-5.el9edk2-20240227-5.el9.src.rpm
oracle linux9aarch64edk2-tools< 20240227-5.el9edk2-tools-20240227-5.el9.aarch64.rpm
oracle linux9srcedk2< 20240227-5.el9edk2-20240227-5.el9.src.rpm
oracle linux9x86_64edk2-tools< 20240227-5.el9edk2-tools-20240227-5.el9.x86_64.rpm

OS	Version	Architecture	Package	Version	Filename
oracle linux	9	src	edk2	< 20240227-5.el9	edk2-20240227-5.el9.src.rpm
oracle linux	9	aarch64	edk2-tools	< 20240227-5.el9	edk2-tools-20240227-5.el9.aarch64.rpm
oracle linux	9	src	edk2	< 20240227-5.el9	edk2-20240227-5.el9.src.rpm
oracle linux	9	x86_64	edk2-tools	< 20240227-5.el9	edk2-tools-20240227-5.el9.x86_64.rpm