Lucene search
OracleLinuxELSA-2023-7189HistoryNov 17, 2023 - 12:00 a.m.
fwupd security update
2023-11-1700:00:00
linux.oracle.com
12
fwupd
security update
oracle certificate
redfish
idrac
6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
6.9 Medium
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
28.6%
[1.7.8-2.0.1]
- Modify %prep to correctly apply downstream patches
- Align sections to 512 bytes [Orabug: 35265981]
- Use objcopy to build arm/aarch64 binaries if binutils 2.30-113.0.3 or newer [Orabug: 35265981]
- Enabled signing for aarch64 [Orabug: 35265981]
- Modify meson.build for fwupd-efi [Orabug: 35265981]
- Update SBAT data to include Oracle [Oracle: 33072886]
- Build with the updated Oracle certificate
- Use oraclesecureboot301 as certdir [Orabug: 29881368]
- Use new signing certificate (Alex Burmashev)
[1.7.8-2] - Backport the Redfish security fixes which affect IDRAC.
- Resolves: rhbz#2170950
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| oracle linux | 8 | src | fwupd | < 1.7.8-2.0.1.el8 | fwupd-1.7.8-2.0.1.el8.src.rpm |
| oracle linux | 8 | src | fwupd | < 1.7.8-2.0.1.el8 | fwupd-1.7.8-2.0.1.el8.src.rpm |
| oracle linux | 8 | src | fwupd | < 1.7.8-2.0.1.el8 | fwupd-1.7.8-2.0.1.el8.src.rpm |
| oracle linux | 8 | aarch64 | fwupd | < 1.7.8-2.0.1.el8 | fwupd-1.7.8-2.0.1.el8.aarch64.rpm |
| oracle linux | 8 | aarch64 | fwupd | < 1.7.8-2.0.1.el8 | fwupd-1.7.8-2.0.1.el8.aarch64.rpm |
| oracle linux | 8 | aarch64 | fwupd-devel | < 1.7.8-2.0.1.el8 | fwupd-devel-1.7.8-2.0.1.el8.aarch64.rpm |
| oracle linux | 8 | src | fwupd | < 1.7.8-2.0.1.el8 | fwupd-1.7.8-2.0.1.el8.src.rpm |
| oracle linux | 8 | src | fwupd | < 1.7.8-2.0.1.el8 | fwupd-1.7.8-2.0.1.el8.src.rpm |
| oracle linux | 8 | src | fwupd | < 1.7.8-2.0.1.el8 | fwupd-1.7.8-2.0.1.el8.src.rpm |
| oracle linux | 8 | x86_64 | fwupd | < 1.7.8-2.0.1.el8 | fwupd-1.7.8-2.0.1.el8.x86_64.rpm |
Related
nessus
nessus
Rocky Linux 8 : fwupd (RLSA-2023:7189)
2023-11-28 00:00:00
RHEL 8 : fwupd (RHSA-2024:1106)
2024-03-05 00:00:00
RHEL 8 : fwupd (RHSA-2023:7189)
2023-11-14 00:00:00
ubuntucve
ubuntucve
CVE-2022-3287
2022-09-28 00:00:00
alpinelinux
alpinelinux
CVE-2022-3287
2022-09-28 20:15:00
osv
osv
CVE-2022-3287
2022-09-28 20:15:18
Moderate: fwupd security update
2023-11-14 00:00:00
Moderate: fwupd security update
2023-11-28 22:42:52
redhatcve
redhatcve
CVE-2022-3287
2022-09-28 12:48:53
cve
cve
CVE-2022-3287
2022-09-28 20:15:18
cnvd
cnvd
fwupd information disclosure vulnerability
2022-09-30 00:00:00
prion
prion
Authorization
2022-09-28 20:15:00
redhat
redhat
(RHSA-2024:1106) Moderate: fwupd security update
2024-03-05 10:44:56
(RHSA-2024:1403) Moderate: fwupd security update
2024-03-19 16:35:06
(RHSA-2023:7189) Moderate: fwupd security update
2023-11-14 08:47:29
rocky
rocky
fwupd security update
2023-11-28 22:42:52
veracode
veracode
Information Disclosure
2022-10-11 13:16:39
cvelist
cvelist
CVE-2022-3287
2022-09-28 19:07:38
debiancve
debiancve
CVE-2022-3287
2022-09-28 20:15:18
almalinux
almalinux
Moderate: fwupd security update
2023-11-14 00:00:00
Moderate: fwupd security and bug fix update
2023-05-09 00:00:00
nvd
nvd
CVE-2022-3287
2022-09-28 20:15:18
oraclelinux
oraclelinux
fwupd security and bug fix update
2023-05-15 00:00:00
6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
6.9 Medium
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
28.6%
Related for ELSA-2023-7189