** Description changed: [Impact] Security vulnerabilities. [Test Case] + Regression tested only (boot Ubuntu from disk, PXE boot) [Fix] + https://github.com/tianocore/edk2/commit/84110bbe4bb3a346514b9bb12eadb7586bca7dfd + https://github.com/tianocore/edk2/commit/ffe5f7a6b4e978dffbe1df228963adc914451106 + https://github.com/tianocore/edk2/commit/fccdb88022c1f6d85c773fce506b10c879063f1d + https://github.com/tianocore/edk2/commit/89910a39dcfd788057caa5d88b7e76e112d187b5 + https://github.com/tianocore/edk2/commit/38c9fbdcaa0219eb86fe82d90e3f8cfb5a54be9f [Regression Risk] + Risks include breaking DNS is some circumstances, possibly breaking image processing, partition detection, and RAM disk usage. This is mitigated by these patches having been upstream for some time, requiring minimal backporting to the Ubuntu versions.
** Description changed: [Impact] Security vulnerabilities. [Test Case] Regression tested only (boot Ubuntu from disk, PXE boot) [Fix] https://github.com/tianocore/edk2/commit/84110bbe4bb3a346514b9bb12eadb7586bca7dfd https://github.com/tianocore/edk2/commit/ffe5f7a6b4e978dffbe1df228963adc914451106 https://github.com/tianocore/edk2/commit/fccdb88022c1f6d85c773fce506b10c879063f1d https://github.com/tianocore/edk2/commit/89910a39dcfd788057caa5d88b7e76e112d187b5 https://github.com/tianocore/edk2/commit/38c9fbdcaa0219eb86fe82d90e3f8cfb5a54be9f [Regression Risk] - Risks include breaking DNS is some circumstances, possibly breaking image processing, partition detection, and RAM disk usage. This is mitigated by these patches having been upstream for some time, requiring minimal backporting to the Ubuntu versions. + Risks include breaking DNS is some circumstances, possibly breaking image processing, partition detection, and RAM disk usage. This is mitigated by these patches having been upstream for some time, having already shipped in Ubuntu 19.04, and requiring minimal backporting to the Ubuntu versions. ** Changed in: edk2 (Ubuntu Cosmic) Status: Confirmed => In Progress ** Changed in: edk2 (Ubuntu Bionic) Status: Confirmed => In Progress ** Changed in: edk2 (Ubuntu Bionic) Assignee: (unassigned) => dann frazier (dannf) ** Changed in: edk2 (Ubuntu Cosmic) Assignee: (unassigned) => dann frazier (dannf) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1820764 Title: CVE-2018-12178 CVE-2018-12180 CVE-2018-12181 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/edk2/+bug/1820764/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
