Update for gnu-efi, pesign, shim SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2017:1967-1 Final 1 1 2015-01-20T13:18:33Z current 2015-01-20T13:18:33Z 2015-01-20T13:18:33Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Update for gnu-efi, pesign, shim shim was updated to fix several security issues. - OOB read access when parsing DHCPv6 packets (remote DoS) (CVE-2014-3675). - Heap overflow when parsing IPv6 addresses provided by tftp:// DHCPv6 boot option (RCE) (CVE-2014-3676). - Memory corruption when processing user provided MOK lists (CVE-2014-3677). More information is available at https://bugzilla.novell.com/show_bug.cgi?id=889332 To enable this update gnu-efi was updated to 3.0u and pesign to version 0.109 The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://lists.opensuse.org/opensuse-updates/2017-07/msg00094.html E-Mail link for openSUSE-SU-2017:1967-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings gnu-efi-3.0u-2.5.1 pesign-0.109-3.9.2 shim-0.7.318.81ee561d-7.2 Shim allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted DHCPv6 packet. CVE-2014-3675 moderate Please Install the update. https://lists.opensuse.org/opensuse-updates/2017-07/msg00094.html https://www.suse.com/security/cve/CVE-2014-3675.html CVE-2014-3675 https://bugzilla.suse.com/889332 SUSE Bug 889332 Heap-based buffer overflow in Shim allows remote attackers to execute arbitrary code via a crafted IPv6 address, related to the "tftp:// DHCPv6 boot option." CVE-2014-3676 moderate Please Install the update. https://lists.opensuse.org/opensuse-updates/2017-07/msg00094.html https://www.suse.com/security/cve/CVE-2014-3676.html CVE-2014-3676 https://bugzilla.suse.com/889332 SUSE Bug 889332 Unspecified vulnerability in Shim might allow attackers to execute arbitrary code via a crafted MOK list, which triggers memory corruption. CVE-2014-3677 moderate Please Install the update. https://lists.opensuse.org/opensuse-updates/2017-07/msg00094.html https://www.suse.com/security/cve/CVE-2014-3677.html CVE-2014-3677 https://bugzilla.suse.com/889332 SUSE Bug 889332