ovmf-20180508-3.gitee3198e672e2.el7
エラータID: AXSA:2018-3368:02
OVMF (Open Virtual Machine Firmware) is a project to enable UEFI support for Virtual Machines. This package contains a sample 64-bit UEFI firmware for QEMU and KVM.
The following packages have been upgraded to a later upstream version: ovmf (20180508). (BZ#1559542)
Security Fix(es):
* openssl: Handling of crafted recursive ASN.1 structures can cause a stack overflow and resulting denial of service (CVE-2018-0739)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Asianux Server 7.6 Release Notes linked from the References section.
CVE-2018-0739
Constructed ASN.1 types with a recursive definition (such as can be found in PKCS7) could eventually exceed the stack given malicious input with excessive recursion. This could result in a Denial Of Service attack. There are no such structures used within SSL/TLS that come from untrusted sources so this is considered safe. Fixed in OpenSSL 1.1.0h (Affected 1.1.0-1.1.0g). Fixed in OpenSSL 1.0.2o (Affected 1.0.2b-1.0.2n).
Update packages.
Constructed ASN.1 types with a recursive definition (such as can be found in PKCS7) could eventually exceed the stack given malicious input with excessive recursion. This could result in a Denial Of Service attack. There are no such structures used within SSL/TLS that come from untrusted sources so this is considered safe. Fixed in OpenSSL 1.1.0h (Affected 1.1.0-1.1.0g). Fixed in OpenSSL 1.0.2o (Affected 1.0.2b-1.0.2n).
N/A
SRPMS
- ovmf-20180508-3.gitee3198e672e2.el7.src.rpm
MD5: aac02405bac4a722857bff17c58f129d
SHA-256: ea09646a7d076bab5c3e9dde47ebd04be8f23c439421af6a98433942098294a9
Size: 21.92 MB
Asianux Server 7 for x86_64
- OVMF-20180508-3.gitee3198e672e2.el7.noarch.rpm
MD5: 8e09c2c80c7f971a033715630af2e613
SHA-256: 1ce247b18e924c83a7d8b14bec0094e91f0e98946decbc028b1a7508e39c3269
Size: 1.58 MB