-
Notifications
You must be signed in to change notification settings - Fork 33
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
update: edk2-ovmf-bin #1318
Labels
advisory/only-sdk
affects only Flatcar SDK
advisory
security advisory
cvss/HIGH
> 7 && < 9 assessed CVSS
security
security concerns
Comments
dongsupark
added
security
security concerns
advisory
security advisory
advisory/only-sdk
affects only Flatcar SDK
labels
Jan 12, 2024
github-project-automation
bot
moved this to 📝 Needs Triage
in Flatcar tactical, release planning, and roadmap
Jan 12, 2024
dongsupark
moved this from 📝 Needs Triage
to 🪵Backlog
in Flatcar tactical, release planning, and roadmap
Jan 12, 2024
Added: CVE-2023-45229, CVE-2023-45230, CVE-2023-45231, CVE-2023-45232, CVE-2023-45233, CVE-2023-45234, CVE-2023-45235, CVE-2023-45236 and CVE-2023-45237 |
Added CVE-2024-1298. |
Added CVE-2024-38796 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Labels
advisory/only-sdk
affects only Flatcar SDK
advisory
security advisory
cvss/HIGH
> 7 && < 9 assessed CVSS
security
security concerns
Name: edk2-ovmf-bin
CVEs: CVE-2022-36763, CVE-2022-36764, CVE-2022-36765, CVE-2023-45229, CVE-2023-45230, CVE-2023-45231, CVE-2023-45232, CVE-2023-45233, CVE-2023-45234, CVE-2023-45235, CVE-2023-45236, CVE-2023-45237, CVE-2024-1298, CVE-2024-38796,
CVSSs: 7.8, 7.8, 7.8, 6.5, 8.8, 6.5, 7.5, 7.5, 8.8, 8.8, 7.5, 7.5, 6.0, 5.9
Action Needed: TBD for CVE-2023-*, update to >= 202405 for CVE-2024-1298, >= 202408 for CVE-2024-38796
Summary:
Not critical, as edk2-ovmf-bin is only included in the Flatcar SDK.
refmap.gentoo:
The text was updated successfully, but these errors were encountered: