------------------------------------------------------------------------- Debian LTS Advisory DLA-3852-1 [email protected] https://www.debian.org/lts/security/ Markus Koschany June 30, 2024 https://wiki.debian.org/LTS ------------------------------------------------------------------------- Package : edk2 Version : 0~20181115.85588389-3+deb10u4 CVE ID : CVE-2023-48733 Mate Kukri discovered the Debian build of EDK2, a UEFI firmware implementation, used an insecure default configuration which could result in Secure Boot bypass via the UEFI shell. For Debian 10 buster, this problem has been fixed in version 0~20181115.85588389-3+deb10u4. We recommend that you upgrade your edk2 packages. For the detailed security status of edk2 please refer to its security tracker page at: https://security-tracker.debian.org/tracker/edk2 Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS
Attachment:
signature.asc
Description: This is a digitally signed message part