SUSE-SU-2020:14490-1

See a problem?

Import Source

https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2020:14490-1.json

JSON Data

https://api.osv.dev/v1/vulns/SUSE-SU-2020:14490-1

Related

CVE-2020-10713

Published

2020-09-15T08:20:58Z

Modified

2020-09-15T08:20:58Z

Summary

Security update for shim

Details

This update for shim fixes the following issues:

Update to the unified shim binary from SUSE Linux Enterprise 15-SP1 (bsc#1168994)

This update addresses the 'BootHole' security issue (master CVE CVE-2020-10713), by disallowing binaries signed by the previous SUSE UEFI signing key from booting.

This update should only be installed after updates of grub2, the Linux kernel and (if used) Xen from or after July / August 2020 are applied.

Also fixed:

shim-install: install MokManager to \EFI\boot to process the pending MOK request (bsc#1175626, bsc#1175656)

References

Affected packages

SUSE:Linux Enterprise Server 11 SP4-LTSS / shim

Package

Name: shim
Purl: purl:rpm/suse/shim&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4-LTSS

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

15+git47-12.5.1

Ecosystem specific

{
    "binaries": [
        {
            "shim": "15+git47-12.5.1"
        }
    ]
}