SUSE-SU-2020:2627-1

See a problem?

Import Source

https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2020:2627-1.json

JSON Data

https://api.osv.dev/v1/vulns/SUSE-SU-2020:2627-1

Related

CVE-2020-10713

Published

2020-09-14T16:11:27Z

Modified

2020-09-14T16:11:27Z

Summary

Security update for shim

Details

This update for shim fixes the following issues:

Update to the unified shim binary from SUSE Linux Enterprise 15-SP1 (bsc#1168994)

This update addresses the 'BootHole' security issue (master CVE CVE-2020-10713), by disallowing binaries signed by the previous SUSE UEFI signing key from booting.

This update should only be installed after updates of grub2, the Linux kernel and (if used) Xen from July / August 2020 are applied.

Additional fixes:

shim-install: install MokManager to \EFI\boot to process the pending MOK request (bsc#1175626, bsc#1175656)

References

Affected packages

SUSE:HPE Helion OpenStack 8 / shim

Package

Name: shim
Purl: purl:rpm/suse/shim&distro=HPE%20Helion%20OpenStack%208

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

15+git47-25.11.1

Ecosystem specific

{
    "binaries": [
        {
            "shim": "15+git47-25.11.1"
        }
    ]
}

SUSE:OpenStack Cloud 8 / shim

Package

Name: shim
Purl: purl:rpm/suse/shim&distro=SUSE%20OpenStack%20Cloud%208

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

15+git47-25.11.1

Ecosystem specific

{
    "binaries": [
        {
            "shim": "15+git47-25.11.1"
        }
    ]
}

SUSE:OpenStack Cloud 9 / shim

Package

Name: shim
Purl: purl:rpm/suse/shim&distro=SUSE%20OpenStack%20Cloud%209

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

15+git47-25.11.1

Ecosystem specific

{
    "binaries": [
        {
            "shim": "15+git47-25.11.1"
        }
    ]
}

SUSE:OpenStack Cloud Crowbar 8 / shim

Package

Name: shim
Purl: purl:rpm/suse/shim&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

15+git47-25.11.1

Ecosystem specific

{
    "binaries": [
        {
            "shim": "15+git47-25.11.1"
        }
    ]
}

SUSE:OpenStack Cloud Crowbar 9 / shim

Package

Name: shim
Purl: purl:rpm/suse/shim&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

15+git47-25.11.1

Ecosystem specific

{
    "binaries": [
        {
            "shim": "15+git47-25.11.1"
        }
    ]
}

SUSE:Linux Enterprise Server for SAP Applications 12 SP3 / shim

Package

Name: shim
Purl: purl:rpm/suse/shim&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP3

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

15+git47-25.11.1

Ecosystem specific

{
    "binaries": [
        {
            "shim": "15+git47-25.11.1"
        }
    ]
}

SUSE:Linux Enterprise Server for SAP Applications 12 SP4 / shim

Package

Name: shim
Purl: purl:rpm/suse/shim&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP4

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

15+git47-25.11.1

Ecosystem specific

{
    "binaries": [
        {
            "shim": "15+git47-25.11.1"
        }
    ]
}

SUSE:Linux Enterprise Server 12 SP3-LTSS / shim

Package

Name: shim
Purl: purl:rpm/suse/shim&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3-LTSS

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

15+git47-25.11.1

Ecosystem specific

{
    "binaries": [
        {
            "shim": "15+git47-25.11.1"
        }
    ]
}

SUSE:Linux Enterprise Server 12 SP3-BCL / shim

Package

Name: shim
Purl: purl:rpm/suse/shim&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3-BCL

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

15+git47-25.11.1

Ecosystem specific

{
    "binaries": [
        {
            "shim": "15+git47-25.11.1"
        }
    ]
}

SUSE:Linux Enterprise Server 12 SP4-LTSS / shim

Package

Name: shim
Purl: purl:rpm/suse/shim&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP4-LTSS

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

15+git47-25.11.1

Ecosystem specific

{
    "binaries": [
        {
            "shim": "15+git47-25.11.1"
        }
    ]
}

SUSE:Linux Enterprise Server 12 SP5 / shim

Package

Name: shim
Purl: purl:rpm/suse/shim&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

15+git47-25.11.1

Ecosystem specific

{
    "binaries": [
        {
            "shim": "15+git47-25.11.1"
        }
    ]
}

SUSE:Linux Enterprise Server for SAP Applications 12 SP5 / shim

Package

Name: shim
Purl: purl:rpm/suse/shim&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

15+git47-25.11.1

Ecosystem specific

{
    "binaries": [
        {
            "shim": "15+git47-25.11.1"
        }
    ]
}

SUSE:Enterprise Storage 5 / shim

Package

Name: shim
Purl: purl:rpm/suse/shim&distro=SUSE%20Enterprise%20Storage%205

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

15+git47-25.11.1

Ecosystem specific

{
    "binaries": [
        {
            "shim": "15+git47-25.11.1"
        }
    ]
}