The Precise Pangolin has reached end of life, so this bug will not be
fixed for that release
** Changed in: edk2 (Ubuntu Precise)
Status: Confirmed => Won't Fix
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
This bug was fixed in the package edk2 - 0~20160408.ffea0a2c-2ubuntu0.1
---
edk2 (0~20160408.ffea0a2c-2ubuntu0.1) xenial; urgency=medium
* Security fixes (LP: #1820764):
- Fix buffer overflow in BlockIo service (CVE-2018-12180)
- DNS: Check received packet size before using
** Changed in: edk2 (Ubuntu Xenial)
Status: Confirmed => In Progress
** Changed in: edk2 (Ubuntu Xenial)
Assignee: (unassigned) => dann frazier (dannf)
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
This bug was fixed in the package edk2 - 0~20180803.dd4cae4d-1ubuntu1.1
---
edk2 (0~20180803.dd4cae4d-1ubuntu1.1) cosmic; urgency=medium
* Security fixes (LP: #1820764):
- Fix buffer overflow in BlockIo service (CVE-2018-12180)
- DNS: Check received packet size before using
This bug was fixed in the package edk2 - 0~20180205.c0d9813c-2ubuntu0.1
---
edk2 (0~20180205.c0d9813c-2ubuntu0.1) bionic; urgency=medium
* Security fixes (LP: #1820764):
- Fix buffer overflow in BlockIo service (CVE-2018-12180)
- DNS: Check received packet size before using
Verified both cosmic & bionic builds by booting an existing guest up,
and by PXE booting in a way requiring DNS resolution.
** Tags removed: verification-needed verification-needed-bionic
verification-needed-cosmic
** Tags added: verification-done verification-done-bionic
Hello dann, or anyone else affected,
Accepted edk2 into bionic-proposed. The package will build now and be
available at https://launchpad.net/ubuntu/+source/edk2/0~20180205
.c0d9813c-2ubuntu0.1 in a few hours, and then in the -proposed
repository.
Please help us by testing this new package. See
** Description changed:
[Impact]
Security vulnerabilities.
[Test Case]
+ Regression tested only (boot Ubuntu from disk, PXE boot)
[Fix]
+
https://github.com/tianocore/edk2/commit/84110bbe4bb3a346514b9bb12eadb7586bca7dfd
+
On Wed, Mar 27, 2019 at 9:35 AM Janåke Rönnblom wrote:
>
> Can the edk2/ovmf package for Bionic be updated to the latest version?
>
> 0~20190309.89910a39-1ubuntu1
Sorry, no. Our policy is to backport the fixes instead.
-dann
--
You received this bug notification because you are a member of
Can the edk2/ovmf package for Bionic be updated to the latest version?
0~20190309.89910a39-1ubuntu1
-J
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1820764
Title:
CVE-2018-12178 CVE-2018-12180
Status changed to 'Confirmed' because the bug affects multiple users.
** Changed in: edk2 (Ubuntu Trusty)
Status: New => Confirmed
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1820764
Title:
Status changed to 'Confirmed' because the bug affects multiple users.
** Changed in: edk2 (Ubuntu Cosmic)
Status: New => Confirmed
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1820764
Title:
Status changed to 'Confirmed' because the bug affects multiple users.
** Changed in: edk2 (Ubuntu Bionic)
Status: New => Confirmed
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1820764
Title:
Status changed to 'Confirmed' because the bug affects multiple users.
** Changed in: edk2 (Ubuntu Xenial)
Status: New => Confirmed
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1820764
Title:
Status changed to 'Confirmed' because the bug affects multiple users.
** Changed in: edk2 (Ubuntu Precise)
Status: New => Confirmed
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1820764
** Changed in: edk2 (Debian)
Status: Unknown => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1820764
Title:
CVE-2018-12178 CVE-2018-12180 CVE-2018-12181
To manage
** Changed in: edk2 (Ubuntu)
Status: New => Fix Released
** Also affects: edk2 (Ubuntu Xenial)
Importance: Undecided
Status: New
** Also affects: edk2 (Ubuntu Trusty)
Importance: Undecided
Status: New
** Also affects: edk2 (Ubuntu Precise)
Importance: Undecided
17 matches
Mail list logo