26 matches found
MiracleLinux 8 : appstream-data-8-20200724.el8, fwupd-1.4.2-4.0.2.el8, gnome-software-3.36.1-4.el8, libxmlb-0.1.15-1.el8 (AXSA:2021-1476:01)
The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-1476:01 advisory. fwupd: Possible bypass in signature verification CVE-2020-10759 Tenable has extracted the preceding description block directly from the MiracleLinux security...
RHEL 7 : fwupd (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - fwupd: Possible bypass in signature verification CVE-2020-10759 Note that Nessus has not tested for this issue but...
OESA-2022-1801 fwupd security update
aims to make updating firmware on Linux automatic, safe and reliable. Security Fixes: A PGP signature bypass flaw was found in fwupd all versions, which could lead to the installation of unsigned firmware. As per upstream, a signature bypass is theoretically possible, but not practical because th...
AlmaLinux 8 : gnome-software and fwupd (ALSA-2020:4436)
The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2020:4436 advisory. - A PGP signature bypass flaw was found in fwupd all versions, which could lead to the installation of unsigned firmware. As per upstream, a signature bypass is...
SUSE: Security Advisory (SUSE-SU-2020:1681-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2021:1107-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE Security Update : fwupd (openSUSE-2021-522)
This update for fwupd fixes the following issues : - Update to version 1.2.14: bsc1182057 - Add SBAT section to EFI images bsc1182057 - CVE-2020-10759: Validate that gpgmeopverifyresult returned at least one signature bsc1172643 This update was imported from the SUSE:SLE-15-SP2:Update update...
SUSE SLED15 / SLES15 Security Update : fwupd (SUSE-SU-2021:1107-1)
This update for fwupd fixes the following issues : Update to version 1.2.14: bsc1182057 Add SBAT section to EFI images bsc1182057 CVE-2020-10759: Validate that gpgmeopverifyresult returned at least one signature bsc1172643 Note that Tenable Network Security has extracted the preceding description...
CentOS 8 : gnome-software and fwupd (CESA-2020:4436)
The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2020:4436 advisory. - fwupd: Possible bypass in signature verification CVE-2020-10759 Note that Nessus has not tested for this issue but has instead relied only on the application'...
Oracle Linux 8 : gnome-software / and / fwupd (ELSA-2020-4436)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2020-4436 advisory. - Add signing with redhatsecureboot503 cert Related: CVE-2020-10713 - Security fix for CVE-2020-10759 Tenable has extracted the preceding description block...
RHEL 8 : gnome-software and fwupd (RHSA-2020:4436)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:4436 advisory. The gnome-software packages contain an application that makes it easy to add, remove, and update software in the GNOME desktop. The appstream-data...
RLSA-2020:4436 Low: gnome-software and fwupd security, bug fix, and enhancement update
The gnome-software packages contain an application that makes it easy to add, remove, and update software in the GNOME desktop. The appstream-data package provides the distribution specific AppStream metadata required for the GNOME and KDE software centers. The fwupd packages provide a service th...
ALSA-2020:4436 Low: gnome-software and fwupd security, bug fix, and enhancement update
The gnome-software packages contain an application that makes it easy to add, remove, and update software in the GNOME desktop. The appstream-data package provides the distribution specific AppStream metadata required for the GNOME and KDE software centers. The fwupd packages provide a service th...
Low: gnome-software and fwupd security, bug fix, and enhancement update
The gnome-software packages contain an application that makes it easy to add, remove, and update software in the GNOME desktop. The appstream-data package provides the distribution specific AppStream metadata required for the GNOME and KDE software centers. The fwupd packages provide a service th...
CVE-2020-10759
A PGP signature bypass flaw was found in fwupd all versions, which could lead to the installation of unsigned firmware. As per upstream, a signature bypass is theoretically possible, but not practical because the Linux Vendor Firmware Service LVFS is either not implemented or enabled in versions ...
CVE-2020-10759
A PGP signature bypass flaw was found in fwupd all versions, which could lead to the installation of unsigned firmware. As per upstream, a signature bypass is theoretically possible, but not practical because the Linux Vendor Firmware Service LVFS is either not implemented or enabled in versions ...
CVE-2020-10759
A PGP signature bypass flaw was found in fwupd all versions, which could lead to the installation of unsigned firmware. As per upstream, a signature bypass is theoretically possible, but not practical because the Linux Vendor Firmware Service LVFS is either not implemented or enabled in versions ...
openSUSE Security Update : fwupd (openSUSE-2020-849)
This update for fwupd fixes the following issues : - CVE-2020-10759: Fixed a potential PGP signature bypass, which could have led to installation of unsigned firmware bsc1172643 This update was imported from the SUSE:SLE-15-SP1:Update update project. C Tenable Network Security, Inc. The descripti...
Debian: Security Advisory (DLA-2274-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 31 : fwupd (2020-ad1c74c2a1)
New upstream release - Actually reload the DFU device after upgrade has completed - Capture the dock SKU in report metadata - Correctly set the Logitech device protocol - Do not use shim for non-secure boot configurations - Ensure that the DeviceID is set for child devices - Fix an error when...