shim has been updated to fix three security issues:

* Out-of-bounds (OOB) read access when parsing DHCPv6 packets (remote DoS) (CVE-2014-3675).
* Heap overflow when parsing IPv6 addresses provided by the tftp:// DHCPv6 boot option (RCE) (CVE-2014-3676).
* Memory corruption when processing user-provided MOK lists (CVE-2014-3677).

Security Issues:

* CVE-2014-3675 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3675>
* CVE-2014-3676 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3676>
* CVE-2014-3677 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3677>

OS | OS Version | Architecture | Package | Affected Package Version | Filename |
---|---|---|---|---|---|
SUSE Linux Enterprise Server for VMware | 11.3 | x86_64 | gnu-efi | < 3.0u-0.7.2 | gnu-efi-3.0u-0.7.2.x86_64.rpm |
SUSE Linux Enterprise Server for VMware | 11.3 | x86_64 | shim | < 0.7.318.81ee561d-0.9.2 | shim-0.7.318.81ee561d-0.9.2.x86_64.rpm |
SUSE Linux Enterprise Server | 11.3 | x86_64 | gnu-efi | < 3.0u-0.7.2 | gnu-efi-3.0u-0.7.2.x86_64.rpm |
SUSE Linux Enterprise Server | 11.3 | x86_64 | shim | < 0.7.318.81ee561d-0.9.2 | shim-0.7.318.81ee561d-0.9.2.x86_64.rpm |
SUSE Linux Enterprise Desktop | 11.3 | x86_64 | shim | < 0.7.318.81ee561d-0.9.2 | shim-0.7.318.81ee561d-0.9.2.x86_64.rpm |
SUSE Linux Enterprise Software Development Kit | 11.3 | x86_64 | gnu-efi | < 3.0u-0.7.2 | gnu-efi-3.0u-0.7.2.x86_64.rpm |

* download.suse.com/patch/finder/?keywords=9aaff893726e6b56bde50850c3154ed1
* bugzilla.suse.com/show_bug.cgi?id=813448
* bugzilla.suse.com/show_bug.cgi?id=863205
* bugzilla.suse.com/show_bug.cgi?id=866690
* bugzilla.suse.com/show_bug.cgi?id=875385
* bugzilla.suse.com/show_bug.cgi?id=889332
* bugzilla.suse.com/show_bug.cgi?id=889765