Format: 1.8 Date: Fri, 25 Nov 2022 09:51:54 -0500 Source: u-boot Binary: u-boot-amlogic u-boot-mvebu u-boot-qcom u-boot-rockchip u-boot-rpi u-boot-sunxi u-boot-tegra u-boot-tools Architecture: arm64 Version: 2021.01+dfsg-3ubuntu0~20.04.5 Distribution: focal Urgency: medium Maintainer: Launchpad Build Daemon Changed-By: Marc Deslauriers Description: u-boot-amlogic - A boot loader for amlogic systems u-boot-mvebu - A boot loader for marvell systems u-boot-qcom - A boot loader for qcom systems u-boot-rockchip - A boot loader for rockchip systems u-boot-rpi - A boot loader for Raspberry PI systems u-boot-sunxi - A boot loader for sunxi systems u-boot-tegra - A boot loader for NVIDIA Tegra systems u-boot-tools - companion tools for Das U-Boot bootloader Changes: u-boot (2021.01+dfsg-3ubuntu0~20.04.5) focal-security; urgency=medium . * SECURITY UPDATE: unchecked length field in DFU implementation - debian/patches/CVE-2022-2347-pre1.patch: handle short frame result of UPLOAD in state_dfu_idle in drivers/usb/gadget/f_dfu.c. - debian/patches/CVE-2022-2347.patch: fix the unchecked length field in drivers/usb/gadget/f_dfu.c. - CVE-2022-2347 * SECURITY UPDATE: buffer overflow via invalid packets - debian/patches/CVE-2022-30552_30790.patch: check for the minimum IP fragmented datagram size in include/net.h, net/net.c. - CVE-2022-30552 - CVE-2022-30790 * SECURITY UPDATE: incomplete fix for CVE-2019-14196 - debian/patches/CVE-2022-30767.patch: switch length to unsigned int in net/nfs.c. - CVE-2022-30767 * SECURITY UPDATE: out of bounds write via sqfs_readdir() - debian/patches/CVE-2022-33103.patch: prevent arbitrary code execution in fs/squashfs/sqfs.c, include/fs.h. - CVE-2022-33103 * SECURITY UPDATE: heap buffer overflow in metadata reading - debian/patches/CVE-2022-33967.patch: use kcalloc when relevant in fs/squashfs/sqfs.c. - CVE-2022-33967 * SECURITY UPDATE: stack overflow in i2c md command - debian/patches/CVE-2022-34835.patch: switch to unsigned int in cmd/i2c.c. - CVE-2022-34835 Checksums-Sha1: a983273e380b27718ad0fcd17263095abd145c85 560092 u-boot-amlogic_2021.01+dfsg-3ubuntu0~20.04.5_arm64.deb 221d3dcf4d609407ee7cc8ba680b392dc01b47c8 291000 u-boot-mvebu_2021.01+dfsg-3ubuntu0~20.04.5_arm64.deb 4d6396e751075172e6c91d33d91a827d97c1642d 305056 u-boot-qcom_2021.01+dfsg-3ubuntu0~20.04.5_arm64.deb 8ea6ccbe291d3dd3c24d41fbd3684e34661f3111 815812 u-boot-rockchip_2021.01+dfsg-3ubuntu0~20.04.5_arm64.deb 2b37e1185d68f7476f3c19328e1caa5eb703025c 345760 u-boot-rpi_2021.01+dfsg-3ubuntu0~20.04.5_arm64.deb 96735f0f48aea3805364da15256023f54f1fab1e 969216 u-boot-sunxi_2021.01+dfsg-3ubuntu0~20.04.5_arm64.deb 8db99fda5a9cb55abfd623c2e46f2cae740ef9bb 262968 u-boot-tegra_2021.01+dfsg-3ubuntu0~20.04.5_arm64.deb 6dab886ddce1180a0709782551d34b7e6cd93ce4 19172 u-boot-tools-dbgsym_2021.01+dfsg-3ubuntu0~20.04.5_arm64.ddeb 17a0279322e76c6c099bb1d3556a52fa9b47aff8 155924 u-boot-tools_2021.01+dfsg-3ubuntu0~20.04.5_arm64.deb fca1e309cb7f7676bb14cc0b21792fb909ad7912 9178 u-boot_2021.01+dfsg-3ubuntu0~20.04.5_arm64.buildinfo Checksums-Sha256: 7ab2adc2b873504edf641898dfe7bee37141f2024d9745cb65347c7b05845cee 560092 u-boot-amlogic_2021.01+dfsg-3ubuntu0~20.04.5_arm64.deb 99429a5c22f741854b71d00b4ab31dee1072354dc4f6bd2c276f80607c9b0a3e 291000 u-boot-mvebu_2021.01+dfsg-3ubuntu0~20.04.5_arm64.deb 23844a2b689912d04bb77d9da68aa93a512488c109d400e33b6083abd1b4d1ad 305056 u-boot-qcom_2021.01+dfsg-3ubuntu0~20.04.5_arm64.deb d2935dd7646cc67c5d07ce57130c1a060681c33e2a627692cf977005289719f9 815812 u-boot-rockchip_2021.01+dfsg-3ubuntu0~20.04.5_arm64.deb ee5104b9e85e7fb0b6bc2b4590c7b630d1ee2f283f591a793fef2dec9b48ee98 345760 u-boot-rpi_2021.01+dfsg-3ubuntu0~20.04.5_arm64.deb 61b1a1f7b517420c4988376381f3cabbf6ac3e30182ed89ec9bce5b5ea4902d9 969216 u-boot-sunxi_2021.01+dfsg-3ubuntu0~20.04.5_arm64.deb b1ef60abe39591df4ba0301f2c022ab519a2e5c8b8c9800197acff55280179c9 262968 u-boot-tegra_2021.01+dfsg-3ubuntu0~20.04.5_arm64.deb efca7ca267f92b4b7bbca289b6cebc314667e7fc60577f8e09d9082c4cdca6b2 19172 u-boot-tools-dbgsym_2021.01+dfsg-3ubuntu0~20.04.5_arm64.ddeb 408c1830c2af4f55b962de00d0f22d3ed7c413fed8ee59dd247b6fa709910bd9 155924 u-boot-tools_2021.01+dfsg-3ubuntu0~20.04.5_arm64.deb ebd3f0d5e2aa7822b8c9420bbf805450925c4d98eb551b45d717792935828ef3 9178 u-boot_2021.01+dfsg-3ubuntu0~20.04.5_arm64.buildinfo Files: 6d666252c45f8dbb5d50c5955af57f98 560092 admin optional u-boot-amlogic_2021.01+dfsg-3ubuntu0~20.04.5_arm64.deb de9e724a452ec392bfffb7e47ca96e4a 291000 admin optional u-boot-mvebu_2021.01+dfsg-3ubuntu0~20.04.5_arm64.deb 17f9e2eea41e212bd0426ec3b0f1b0a1 305056 admin optional u-boot-qcom_2021.01+dfsg-3ubuntu0~20.04.5_arm64.deb 8058428d2c595b1cb4d95c6be0d4de92 815812 admin optional u-boot-rockchip_2021.01+dfsg-3ubuntu0~20.04.5_arm64.deb e7f02eca271cb1bf5979b9df893bb713 345760 admin optional u-boot-rpi_2021.01+dfsg-3ubuntu0~20.04.5_arm64.deb 0d32600c60c5ae6263af9cd1b98e3d07 969216 admin optional u-boot-sunxi_2021.01+dfsg-3ubuntu0~20.04.5_arm64.deb 9fe25ab1cc3d46976d06e0e329c4853d 262968 admin optional u-boot-tegra_2021.01+dfsg-3ubuntu0~20.04.5_arm64.deb 5d3662f412b38e2355c99a281dba595b 19172 debug optional u-boot-tools-dbgsym_2021.01+dfsg-3ubuntu0~20.04.5_arm64.ddeb 6ff56bea72b2f5649da585b0855a5479 155924 admin optional u-boot-tools_2021.01+dfsg-3ubuntu0~20.04.5_arm64.deb 3a7b2cf0e4dc9bec411f47e810403027 9178 admin optional u-boot_2021.01+dfsg-3ubuntu0~20.04.5_arm64.buildinfo Original-Maintainer: Vagrant Cascadian