SUSE-SU-2023:2084-1

Source
https://www.suse.com/support/update/announcement/2023/suse-su-20232084-1/
Import Source
https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2023:2084-1.json
JSON Data
https://api.osv.dev/v1/vulns/SUSE-SU-2023:2084-1
Related
Published
2023-05-02T11:32:01Z
Modified
2023-05-02T11:32:01Z
Summary
Security update for shim
Details

This update for shim fixes the following issues:

  • CVE-2022-28737 was missing as reference previously.

  • Upgrade shim-install for bsc#1210382

    After closing Leap-gap project since Leap 15.3, openSUSE Leap direct uses shim from SLE. So the castring is 'SUSE Linux Enterprise Secure Boot CA1', not 'openSUSE Secure Boot CA1'. It causes that the updateboot=no, so all files in /boot/efi/EFI/boot are not updated.

    Logic was added that is using ID field in os-release for checking Leap distro and set ca_string to 'SUSE Linux Enterprise Secure Boot CA1'. Then /boot/efi/EFI/boot/* can also be updated.

References

Affected packages

SUSE:Linux Enterprise Micro 5.3 / shim

Package

Name
shim
Purl
pkg:rpm/suse/shim&distro=SUSE%20Linux%20Enterprise%20Micro%205.3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
15.7-150300.4.16.1

Ecosystem specific

{
    "binaries": [
        {
            "shim": "15.7-150300.4.16.1"
        }
    ]
}

SUSE:Linux Enterprise Micro 5.4 / shim

Package

Name
shim
Purl
pkg:rpm/suse/shim&distro=SUSE%20Linux%20Enterprise%20Micro%205.4

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
15.7-150300.4.16.1

Ecosystem specific

{
    "binaries": [
        {
            "shim": "15.7-150300.4.16.1"
        }
    ]
}

SUSE:Linux Enterprise Module for Basesystem 15 SP4 / shim

Package

Name
shim
Purl
pkg:rpm/suse/shim&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP4

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
15.7-150300.4.16.1

Ecosystem specific

{
    "binaries": [
        {
            "shim": "15.7-150300.4.16.1"
        }
    ]
}

SUSE:Linux Enterprise High Performance Computing 15 SP3-ESPOS / shim

Package

Name
shim
Purl
pkg:rpm/suse/shim&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP3-ESPOS

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
15.7-150300.4.16.1

Ecosystem specific

{
    "binaries": [
        {
            "shim": "15.7-150300.4.16.1"
        }
    ]
}

SUSE:Linux Enterprise High Performance Computing 15 SP3-LTSS / shim

Package

Name
shim
Purl
pkg:rpm/suse/shim&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP3-LTSS

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
15.7-150300.4.16.1

Ecosystem specific

{
    "binaries": [
        {
            "shim": "15.7-150300.4.16.1"
        }
    ]
}

SUSE:Linux Enterprise Real Time 15 SP3 / shim

Package

Name
shim
Purl
pkg:rpm/suse/shim&distro=SUSE%20Linux%20Enterprise%20Real%20Time%2015%20SP3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
15.7-150300.4.16.1

Ecosystem specific

{
    "binaries": [
        {
            "shim": "15.7-150300.4.16.1"
        }
    ]
}

SUSE:Linux Enterprise Server 15 SP3-LTSS / shim

Package

Name
shim
Purl
pkg:rpm/suse/shim&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP3-LTSS

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
15.7-150300.4.16.1

Ecosystem specific

{
    "binaries": [
        {
            "shim": "15.7-150300.4.16.1"
        }
    ]
}

SUSE:Linux Enterprise Server for SAP Applications 15 SP3 / shim

Package

Name
shim
Purl
pkg:rpm/suse/shim&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
15.7-150300.4.16.1

Ecosystem specific

{
    "binaries": [
        {
            "shim": "15.7-150300.4.16.1"
        }
    ]
}

SUSE:Manager Proxy 4.2 / shim

Package

Name
shim
Purl
pkg:rpm/suse/shim&distro=SUSE%20Manager%20Proxy%204.2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
15.7-150300.4.16.1

Ecosystem specific

{
    "binaries": [
        {
            "shim": "15.7-150300.4.16.1"
        }
    ]
}

SUSE:Manager Server 4.2 / shim

Package

Name
shim
Purl
pkg:rpm/suse/shim&distro=SUSE%20Manager%20Server%204.2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
15.7-150300.4.16.1

Ecosystem specific

{
    "binaries": [
        {
            "shim": "15.7-150300.4.16.1"
        }
    ]
}

SUSE:Linux Enterprise Micro 5.1 / shim

Package

Name
shim
Purl
pkg:rpm/suse/shim&distro=SUSE%20Linux%20Enterprise%20Micro%205.1

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
15.7-150300.4.16.1

Ecosystem specific

{
    "binaries": [
        {
            "shim": "15.7-150300.4.16.1"
        }
    ]
}

SUSE:Linux Enterprise Micro 5.2 / shim

Package

Name
shim
Purl
pkg:rpm/suse/shim&distro=SUSE%20Linux%20Enterprise%20Micro%205.2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
15.7-150300.4.16.1

Ecosystem specific

{
    "binaries": [
        {
            "shim": "15.7-150300.4.16.1"
        }
    ]
}

SUSE:Enterprise Storage 7.1 / shim

Package

Name
shim
Purl
pkg:rpm/suse/shim&distro=SUSE%20Enterprise%20Storage%207.1

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
15.7-150300.4.16.1

Ecosystem specific

{
    "binaries": [
        {
            "shim": "15.7-150300.4.16.1"
        }
    ]
}

openSUSE:Leap Micro 5.3 / shim

Package

Name
shim
Purl
pkg:rpm/opensuse/shim&distro=openSUSE%20Leap%20Micro%205.3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
15.7-150300.4.16.1

Ecosystem specific

{
    "binaries": [
        {
            "shim": "15.7-150300.4.16.1"
        }
    ]
}

openSUSE:Leap 15.4 / shim

Package

Name
shim
Purl
pkg:rpm/opensuse/shim&distro=openSUSE%20Leap%2015.4

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
15.7-150300.4.16.1

Ecosystem specific

{
    "binaries": [
        {
            "shim": "15.7-150300.4.16.1"
        }
    ]
}