edk2 - Debian Package Tracker

general

source: edk2 (main)
version: 2020.11-4
maintainer: Debian QEMU Team (archive) (DMD)
uploaders: Serge Hallyn [DMD] – Steve Langasek [DMD] – dann frazier [DMD]
arch: all
std-ver: 4.5.0
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

oldstable: 0~20161202.7bbe0b3e-1+deb9u1
stable: 0~20181115.85588389-3+deb10u3
stable-bpo: 2020.05-3~bpo+1
testing: 2020.11-2
unstable: 2020.11-4
exp: 2021.02-1

versioned links

0~20161202.7bbe0b3e-1+deb9u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
0~20181115.85588389-3+deb10u3: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2020.05-3~bpo+1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2020.11-2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2020.11-4: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2021.02-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

ovmf
ovmf-ia32
qemu-efi
qemu-efi-aarch64
qemu-efi-arm

action needed

14 security issues in stretch high

There are 14 open security issues in stretch.

2 important issues:

CVE-2021-28210:
CVE-2021-28211:

2 issues postponed or untriaged:

CVE-2019-14560: (needs triaging)
CVE-2019-14562: (needs triaging) Integer overflow in DxeImageVerificationHandler() EDK II may allow an authenticated user to potentially enable denial of service via local access.

10 ignored issues:

CVE-2018-12183: Stack overflow in DxeCore for EDK II may allow an unauthenticated user to potentially enable escalation of privilege, information disclosure and/or denial of service via local access.
CVE-2019-0160: Buffer overflow in system firmware for EDK II may allow unauthenticated user to potentially enable escalation of privilege and/or denial of service via network access.
CVE-2019-0161: Stack overflow in XHCI for EDK II may allow an unauthenticated user to potentially enable denial of service via local access.
CVE-2019-14558: Insufficient control flow management in BIOS firmware for 8th, 9th, 10th Generation Intel(R) Core(TM), Intel(R) Celeron(R) Processor 4000 & 5000 Series Processors may allow an authenticated user to potentially enable denial of service via adjacent access.
CVE-2019-14559: Uncontrolled resource consumption in EDK II may allow an unauthenticated user to potentially enable denial of service via network access.
CVE-2019-14563: Integer truncation in EDK II may allow an authenticated user to potentially enable escalation of privilege via local access.
CVE-2019-14575: Logic issue in DxeImageVerificationHandler() for EDK II may allow an authenticated user to potentially enable escalation of privilege via local access.
CVE-2019-14584:
CVE-2019-14586: Use after free vulnerability in EDK II may allow an authenticated user to potentially enable escalation of privilege, information disclosure and/or denial of service via adjacent access.
CVE-2019-14587: Logic issue EDK II may allow an unauthenticated user to potentially enable denial of service via adjacent access.

Created: 2021-02-19 Last update: 2021-03-26 21:56

1 security issue in sid high

There is 1 open security issue in sid.

1 important issue:

CVE-2019-14560:

Created: 2021-02-19 Last update: 2021-03-26 21:56

Fails to build during reproducibility testing normal

A package building reproducibly enables third parties to verify that the source matches the distributed binaries. It has been identified that this source package produced different results, failed to build or had other issues in a test environment. Please read about how to improve the situation!

Created: 2020-08-10 Last update: 2021-04-13 17:35

The package has not entered testing even though the delay is over normal

The package has not entered testing even though the 20-day delay is over. Check why.

Created: 2021-03-30 Last update: 2021-04-13 17:34

lintian reports 5 warnings normal

Lintian reports 5 warnings about this package. You should make the package lintian clean getting rid of them.

Created: 2021-01-27 Last update: 2021-01-27 03:02

Multiarch hinter reports 1 issue(s) low

There are issues with the multiarch metadata for this package.

qemu-efi could be marked Multi-Arch: foreign

Created: 2018-03-15 Last update: 2021-04-13 13:33

3 low-priority security issues in buster low

There are 3 open security issues in buster.

3 issues left for the package maintainer to handle:

CVE-2019-14560: (needs triaging)
CVE-2021-28210: (needs triaging)
CVE-2021-28211: (needs triaging)

You can find information about how to handle these issues in the security team's documentation.

Created: 2021-02-19 Last update: 2021-03-26 21:56

Standards version of the package is outdated. wishlist

The package should be updated to follow the last version of Debian Policy (Standards-Version 4.5.1 instead of 4.5.0).

Created: 2020-11-17 Last update: 2021-03-10 00:21

testing migrations

excuses:
- Migration status for edk2 (2020.11-2 to 2020.11-4): BLOCKED: Needs an approval (either due to a freeze, the source suite or a manual hint)
- Issues preventing migration:
- blocked by freeze: is a key package (Follow the freeze policy when applying for an unblock)
- Additional info:
- Piuparts tested OK - https://piuparts.debian.org/sid/source/e/edk2.html
- autopkgtest for edk2/2020.11-4: amd64: Pass, arm64: Pass, armhf: Pass, i386: Pass, ppc64el: Pass
- 34 days old (needed 20 days)
- Not considered

news

[rss feed]

[2021-03-09] Accepted edk2 2021.02-1 (source) into experimental (dann frazier)
[2021-03-09] Accepted edk2 2020.11-4 (source) into unstable (dann frazier)
[2021-03-09] Accepted edk2 2020.11-3 (source) into unstable (dann frazier)
[2021-01-23] Accepted edk2 0~20181115.85588389-3+deb10u3 (source) into proposed-updates->stable-new, proposed-updates (Debian FTP Masters) (signed by: dann frazier)
[2020-12-18] edk2 2020.11-2 MIGRATED to testing (Debian testing watch)
[2020-12-15] Accepted edk2 2020.11-2 (source) into unstable (dann frazier)
[2020-12-14] Accepted edk2 2020.11-1 (source all) into unstable, unstable (Debian FTP Masters) (signed by: dann frazier)
[2020-10-16] Accepted edk2 0~20181115.85588389-3+deb10u2 (source) into proposed-updates->stable-new, proposed-updates (Debian FTP Masters) (signed by: dann frazier)
[2020-10-01] edk2 2020.08-1 MIGRATED to testing (Debian testing watch)
[2020-09-28] Accepted edk2 2020.08-1 (source) into unstable (dann frazier)
[2020-09-10] edk2 2020.05-5 MIGRATED to testing (Debian testing watch)
[2020-09-07] Accepted edk2 2020.05-5 (source) into unstable (dann frazier)
[2020-09-05] edk2 2020.05-4 MIGRATED to testing (Debian testing watch)
[2020-09-02] Accepted edk2 2020.05-4 (source) into unstable (dann frazier)
[2020-08-30] Accepted edk2 2020.05-3~bpo+1 (source) into buster-backports (Aurelien Jarno)
[2020-08-10] edk2 2020.05-3 MIGRATED to testing (Debian testing watch)
[2020-08-06] Accepted edk2 2020.05-3 (source) into unstable (dann frazier)
[2020-06-14] edk2 2020.05-2 MIGRATED to testing (Debian testing watch)
[2020-06-11] Accepted edk2 2020.05-2 (source) into unstable (dann frazier)
[2020-06-06] edk2 2020.05-1 MIGRATED to testing (Debian testing watch)
[2020-06-03] Accepted edk2 2020.05-1 (source) into unstable (dann frazier)
[2020-04-25] Accepted edk2 0~20181115.85588389-3+deb10u1 (source) into proposed-updates->stable-new, proposed-updates (Debian FTP Masters) (signed by: dann frazier)
[2020-04-22] Accepted edk2 0.0~20200229-2~bpo10+1 (source all) into buster-backports, buster-backports (Debian FTP Masters) (signed by: Aurelien Jarno)
[2020-04-14] edk2 0.0~20200229-2 MIGRATED to testing (Debian testing watch)
[2020-04-11] Accepted edk2 0.0~20200229-2 (source) into unstable (dann frazier)
[2020-04-03] edk2 0.0~20200229-1 MIGRATED to testing (Debian testing watch)
[2020-03-31] Accepted edk2 0.0~20200229-1 (source) into unstable (dann frazier)
[2020-03-16] edk2 0~20200229.4c0f6e34-1 MIGRATED to testing (Debian testing watch)
[2020-03-14] Accepted edk2 0~20200229.4c0f6e34-1 (source) into unstable (dann frazier)
[2020-03-01] edk2 0~20191122.bd85bf54-2 MIGRATED to testing (Debian testing watch)

bugs [bug history graph]

all: 6
RC: 0
I&N: 1
M&W: 5
F&P: 0
patch: 0

links

homepage
lintian (0, 5)
buildd: logs, exp, clang, reproducibility
popcon
browse source code
edit tags
other distros
security tracker
debci

ubuntu

[Information about Ubuntu for Debian Developers]

version: 2020.11-4
6 bugs