edk2 2023.11-7 source package in Ubuntu
Changelog
edk2 (2023.11-7) unstable; urgency=medium
* ovmf, qemu-efi-*: Stop building Secure Boot code into non-secboot
images so they can include a built-in shell which is unsafe in
Secure Boot mode.
* ovmf-ia32: Add non-secboot image. Thanks to Lionel Debroux.
(Closes: #1023491).
* debian/tests/shell.py: Add tests for ovmf-ia32 non-secboot image.
* qemu-efi-aarch64: Add non-secboot variant. AAVMF_CODE.fd is the
secboot variant, so name it AAVMF_CODE.no-secboot.fd.
* qemu-efi-aarch64: Rename the secboot variant, AAVMF_CODE.fd,
to AAVMF_CODE.secboot.fd and add a compat symlink.
* ovmf, ovmf-ia32, qemu-efi-aarch64: Stop including a built-in shell
in secboot variants, CVE-2023-48733. Thanks to Mate Kukri.
LP: #2040137.
- d/tests: Drop the boot-to-shell tests for images w/ Secure Boot.
- d/tests: Update run_cmd_check_secure_boot() to not expect shell
interaction.
-- dann frazier <email address hidden> Wed, 14 Feb 2024 07:35:13 -0700
Upload details
- Uploaded by:
- Debian QEMU Team
- Uploaded to:
- Sid
- Original maintainer:
- Debian QEMU Team
- Architectures:
- all
- Section:
- misc
- Urgency:
- Medium Urgency
See full publishing history Publishing
| Series | Published | Component | Section |
|---|
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| edk2_2023.11-7.dsc | 3.0 KiB | 86e4d80f382b0e9a7ce11636a379dc8d4844828b5b931dac2295a1969b43c9fb |
| edk2_2023.11.orig.tar.xz | 23.9 MiB | 7a06a495fa0f087406b43e3b2622e47e7ad4d25e55ec7fd64ba27a2295cca17d |
| edk2_2023.11-7.debian.tar.xz | 77.9 KiB | b91506d057612f3ef66e22da087cfa56d0a51aa6a2efc07e04be40999ef61845 |
Available diffs
- diff from 2023.11-6 to 2023.11-7 (pending)
No changes file available.
Binary packages built by this source
- efi-shell-aa64: UEFI Shell for 64-bit ARM architecture
The UEFI Shell provides a command line interface running on top of the EFI API.
It can be used to execute EFI binaries, to manage EFI variables and boot
options, or to display details of installed devices, drivers, and protocols.
This package contains the shellaa64.efi binary for the 64-bit ARM
architecture.
- efi-shell-arm: UEFI Shell for 32-bit ARM architecture
The UEFI Shell provides a command line interface running on top of the EFI API.
It can be used to execute EFI binaries, to manage EFI variables and boot
options, or to display details of installed devices, drivers, and protocols.
This package contains the shellarm.efi binary for the 32-bit ARM
architecture.
- efi-shell-ia32: UEFI Shell for 32-bit x86 architecture
The UEFI Shell provides a command line interface running on top of the EFI API.
It can be used to execute EFI binaries, to manage EFI variables and boot
options, or to display details of installed devices, drivers, and protocols.
This package contains the shellia32.efi binary for the a 32-bit x86
architecture.
- efi-shell-riscv64: UEFI Shell for 64-bit RISC-V architecture
The UEFI Shell provides a command line interface running on top of the EFI API.
It can be used to execute EFI binaries, to manage EFI variables and boot
options, or to display details of installed devices, drivers, and protocols.
This package contains the shellriscv64.efi binary for the 64-bit RISC-V
architecture.
- efi-shell-x64: UEFI Shell for 64-bit x86 architecture
The UEFI Shell provides a command line interface running on top of the EFI API.
It can be used to execute EFI binaries, to manage EFI variables and boot
options, or to display details of installed devices, drivers, and protocols.
This package contains the shellx64.efi binary for the 64-bit x86
architecture.
- ovmf: UEFI firmware for 64-bit x86 virtual machines
Open Virtual Machine Firmware is a build of EDK II for 64-bit x86 virtual
machines. It includes full support for UEFI, including Secure Boot, allowing
use of UEFI in place of a traditional BIOS in your VM.
- ovmf-ia32: UEFI firmware for 32-bit x86 virtual machines
Open Virtual Machine Firmware is a build of EDK II for 32-bit x86 virtual
machines. It includes full support for UEFI, including Secure Boot, allowing
use of UEFI in place of a traditional BIOS in your VM.
- qemu-efi-aarch64: UEFI firmware for 64-bit ARM virtual machines
qemu-efi-aarch64 is a build of EDK II for 64-bit ARM virtual machines. It
includes full support for UEFI, including Secure Boot.
- qemu-efi-arm: UEFI firmware for 32-bit ARM virtual machines
qemu-efi-arm is a build of EDK II for 32-bit ARM virtual machines. It
includes full support for UEFI, including Secure Boot.
- qemu-efi-riscv64: UEFI firmware for RISCV64 virtual machines
qemu-efi-riscv64 is a build of EDK II for RISCV64 virtual machines.
