Format: 1.8 Date: Fri, 25 Nov 2022 10:33:01 -0500 Source: u-boot Binary: u-boot u-boot-amlogic u-boot-imx u-boot-qemu u-boot-qcom u-boot-tegra u-boot-omap u-boot-sunxi u-boot-exynos u-boot-mvebu u-boot-rockchip u-boot-rpi u-boot-sifive u-boot-tools Architecture: armhf Version: 2020.10+dfsg-1ubuntu0~18.04.3 Distribution: bionic Urgency: medium Maintainer: Launchpad Build Daemon Changed-By: Marc Deslauriers Description: u-boot - A boot loader for embedded systems u-boot-amlogic - A boot loader for amlogic systems u-boot-exynos - A boot loader for exynos systems u-boot-imx - A boot loader for imx systems u-boot-mvebu - A boot loader for marvell systems u-boot-omap - A boot loader for omap systems u-boot-qcom - A boot loader for qcom systems u-boot-qemu - A boot loader for qemu u-boot-rockchip - A boot loader for rockchip systems u-boot-rpi - A boot loader for Raspberry PI systems u-boot-sifive - A boot loader for SiFive systems u-boot-sunxi - A boot loader for sunxi systems u-boot-tegra - A boot loader for NVIDIA Tegra systems u-boot-tools - companion tools for Das U-Boot bootloader Changes: u-boot (2020.10+dfsg-1ubuntu0~18.04.3) bionic-security; urgency=medium . * SECURITY UPDATE: unchecked length field in DFU implementation - debian/patches/CVE-2022-2347-pre1.patch: handle short frame result of UPLOAD in state_dfu_idle in drivers/usb/gadget/f_dfu.c. - debian/patches/CVE-2022-2347.patch: fix the unchecked length field in drivers/usb/gadget/f_dfu.c. - CVE-2022-2347 * SECURITY UPDATE: buffer overflow via invalid packets - debian/patches/CVE-2022-30552_30790.patch: check for the minimum IP fragmented datagram size in include/net.h, net/net.c. - CVE-2022-30552 - CVE-2022-30790 * SECURITY UPDATE: incomplete fix for CVE-2019-14196 - debian/patches/CVE-2022-30767.patch: switch length to unsigned int in net/nfs.c. - CVE-2022-30767 * SECURITY UPDATE: out of bounds write via sqfs_readdir() - debian/patches/CVE-2022-33103.patch: prevent arbitrary code execution in fs/squashfs/sqfs.c, include/fs.h. - CVE-2022-33103 * SECURITY UPDATE: heap buffer overflow in metadata reading - debian/patches/CVE-2022-33967.patch: use kcalloc when relevant in fs/squashfs/sqfs.c. - CVE-2022-33967 * SECURITY UPDATE: stack overflow in i2c md command - debian/patches/CVE-2022-34835.patch: switch to unsigned int in cmd/i2c.c. - CVE-2022-34835 Checksums-Sha1: a817725994fbb855d41d4d77b10f5c96cb4c507d 401432 u-boot-exynos_2020.10+dfsg-1ubuntu0~18.04.3_armhf.deb 8a0329820ab02ed0d488aec36f4ac8e31f3e1566 923776 u-boot-imx_2020.10+dfsg-1ubuntu0~18.04.3_armhf.deb 8858adc84d1ab9e85c371f847b82edc16e33bb4e 1060128 u-boot-omap_2020.10+dfsg-1ubuntu0~18.04.3_armhf.deb a115c4bcaed166a9b5e545d492f4101a9e653516 286636 u-boot-rockchip_2020.10+dfsg-1ubuntu0~18.04.3_armhf.deb 08944b4540180f372c40322b75b701bbb1fc2826 312808 u-boot-rpi_2020.10+dfsg-1ubuntu0~18.04.3_armhf.deb f96220f5cb50eeb6769585ed7d87e8347d76471e 1542720 u-boot-sunxi_2020.10+dfsg-1ubuntu0~18.04.3_armhf.deb ff8f36db61e7d19598a837885c08ab16c31dc0b3 257052 u-boot-tegra_2020.10+dfsg-1ubuntu0~18.04.3_armhf.deb 5d350730b679593424280b98394a2d8e6bb49e2e 141952 u-boot-tools_2020.10+dfsg-1ubuntu0~18.04.3_armhf.deb e95c29e77cb96382b8423bd23c64bfca928c53f1 8854 u-boot_2020.10+dfsg-1ubuntu0~18.04.3_armhf.buildinfo 8873e7ca10bdfe450830f62a8a565fb0e17ade99 6328 u-boot_2020.10+dfsg-1ubuntu0~18.04.3_armhf.deb Checksums-Sha256: 2c76c9074d17af1b680dd40ed550aa3bad68082da0f0966d609f73de747ff96b 401432 u-boot-exynos_2020.10+dfsg-1ubuntu0~18.04.3_armhf.deb ec5eaa5a67491b11a03bc7e69b362adabf49aeffe1dc8c6991741d6a93fd24ad 923776 u-boot-imx_2020.10+dfsg-1ubuntu0~18.04.3_armhf.deb 02a91879791ef1e4e585ea622051dbe1edf81ad40d010ab3b34a7b755ebadc60 1060128 u-boot-omap_2020.10+dfsg-1ubuntu0~18.04.3_armhf.deb f4b6acf029af6c0f2124570bf2358929248054f7c59329326e7116e1af7fa0ed 286636 u-boot-rockchip_2020.10+dfsg-1ubuntu0~18.04.3_armhf.deb a608cb473a2ea120da2075afcb8ee771b25ff09218f33e379b1dfcf46067e64c 312808 u-boot-rpi_2020.10+dfsg-1ubuntu0~18.04.3_armhf.deb 1c034a54ff243fbff59edeb6b75761820eafc52a72711ff8d81455d427974257 1542720 u-boot-sunxi_2020.10+dfsg-1ubuntu0~18.04.3_armhf.deb 48867422bb42a9458cf69b83c6e46f1e3a1eb5a968563281eb245b51daefe7b0 257052 u-boot-tegra_2020.10+dfsg-1ubuntu0~18.04.3_armhf.deb a2fbc745faf2de1c792753c796a449fee647e19edb1cf4b7b46517ab87d7012d 141952 u-boot-tools_2020.10+dfsg-1ubuntu0~18.04.3_armhf.deb 236447691a8dd6575ab5ed742be08c887e98048a1ebd4df2a03907ff49201998 8854 u-boot_2020.10+dfsg-1ubuntu0~18.04.3_armhf.buildinfo 6c7e5d3cb729484b2e3c62433693be0e3564800f84208ae30bdf601148beb8ea 6328 u-boot_2020.10+dfsg-1ubuntu0~18.04.3_armhf.deb Files: 7e16e38b15b9cd38fd751f361f6914be 401432 admin optional u-boot-exynos_2020.10+dfsg-1ubuntu0~18.04.3_armhf.deb 70b3941ca2b410074f5fac1425b60965 923776 admin optional u-boot-imx_2020.10+dfsg-1ubuntu0~18.04.3_armhf.deb 5d5c4d8fbff5da474418240801a0dfe9 1060128 admin optional u-boot-omap_2020.10+dfsg-1ubuntu0~18.04.3_armhf.deb c991d1a28f9199dcf70eefb2be1e507e 286636 admin optional u-boot-rockchip_2020.10+dfsg-1ubuntu0~18.04.3_armhf.deb b563ac1ab9aa364233bb72348e951d11 312808 admin optional u-boot-rpi_2020.10+dfsg-1ubuntu0~18.04.3_armhf.deb c52e1381f6a7eed65cb00e712c77f65f 1542720 admin optional u-boot-sunxi_2020.10+dfsg-1ubuntu0~18.04.3_armhf.deb db1df8455ff808176ddfd1b334801ce7 257052 admin optional u-boot-tegra_2020.10+dfsg-1ubuntu0~18.04.3_armhf.deb 048b3795d798a81e6b6a8db14a267503 141952 admin optional u-boot-tools_2020.10+dfsg-1ubuntu0~18.04.3_armhf.deb 1e69749f408f43ecafded2f64d6f3665 8854 admin optional u-boot_2020.10+dfsg-1ubuntu0~18.04.3_armhf.buildinfo 8fd2904ba5220e2f494821058f3ba3b5 6328 admin optional u-boot_2020.10+dfsg-1ubuntu0~18.04.3_armhf.deb Original-Maintainer: Vagrant Cascadian