← Back to team overview

group.of.nepali.translators team mailing list archive

[Bug 1820764] Re: CVE-2018-12178 CVE-2018-12180 CVE-2018-12181

 

The Precise Pangolin has reached end of life, so this bug will not be
fixed for that release

** Changed in: edk2 (Ubuntu Precise)
       Status: Confirmed => Won't Fix

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1820764

Title:
  CVE-2018-12178 CVE-2018-12180 CVE-2018-12181

Status in edk2 package in Ubuntu:
  Fix Released
Status in edk2 source package in Precise:
  Won't Fix
Status in edk2 source package in Trusty:
  Confirmed
Status in edk2 source package in Xenial:
  Fix Released
Status in edk2 source package in Bionic:
  Fix Released
Status in edk2 source package in Cosmic:
  Fix Released
Status in edk2 source package in Disco:
  Fix Released
Status in edk2 package in Debian:
  Fix Released

Bug description:
  [Impact]
  Security vulnerabilities.

  [Test Case]
  Regression tested only (boot Ubuntu from disk, PXE boot)

  [Fix]
  https://github.com/tianocore/edk2/commit/84110bbe4bb3a346514b9bb12eadb7586bca7dfd
  https://github.com/tianocore/edk2/commit/ffe5f7a6b4e978dffbe1df228963adc914451106
  https://github.com/tianocore/edk2/commit/fccdb88022c1f6d85c773fce506b10c879063f1d
  https://github.com/tianocore/edk2/commit/89910a39dcfd788057caa5d88b7e76e112d187b5
  https://github.com/tianocore/edk2/commit/38c9fbdcaa0219eb86fe82d90e3f8cfb5a54be9f

  [Regression Risk]
  Risks include breaking DNS is some circumstances, possibly breaking image processing, partition detection, and RAM disk usage. This is mitigated by these patches having been upstream for some time, having already shipped in Ubuntu 19.04, and requiring minimal backporting to the Ubuntu versions.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/edk2/+bug/1820764/+subscriptions