Source: shim
Version: 15.7-1
Severity: grave
Tags: security upstream
X-Debbugs-Cc: car...@debian.org, Debian Security Team <t...@security.debian.org>
Control: found -1 15.7-1~deb11u1

Hi,

The following vulnerabilities were published for shim.

According to [6]:

* Various CVE fixes:
  CVE-2023-40546 mok: fix LogError() invocation
  CVE-2023-40547 - avoid incorrectly trusting HTTP headers
  CVE-2023-40548 Fix integer overflow on SBAT section size on 32-bit system
  CVE-2023-40549 Authenticode: verify that the signature header is in bounds.
  CVE-2023-40550 pe: Fix an out-of-bound read in verify_buffer_sbat()
  CVE-2023-40551: pe-relocate: Fix bounds check for MZ binaries

If you fix the vulnerabilities please also make sure to include the
CVE (Common Vulnerabilities & Exposures) ids in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2023-40546
    https://www.cve.org/CVERecord?id=CVE-2023-40546
[1] https://security-tracker.debian.org/tracker/CVE-2023-40547
    https://www.cve.org/CVERecord?id=CVE-2023-40547
[2] https://security-tracker.debian.org/tracker/CVE-2023-40548
    https://www.cve.org/CVERecord?id=CVE-2023-40548
[3] https://security-tracker.debian.org/tracker/CVE-2023-40549
    https://www.cve.org/CVERecord?id=CVE-2023-40549
[4] https://security-tracker.debian.org/tracker/CVE-2023-40550
    https://www.cve.org/CVERecord?id=CVE-2023-40550
[5] https://security-tracker.debian.org/tracker/CVE-2023-40551
    https://www.cve.org/CVERecord?id=CVE-2023-40551
[6] https://github.com/rhboot/shim/releases/tag/15.8

Regards,
Salvatore