CVE-2020-10759

Priority
Description
[Metadata signature verification bypass in fwupd <1.4.0]
Assigned-to
leosilva
Notes
Package
Source: fwupd (LP Ubuntu Debian)
Upstream:needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):released (0.8.3-0ubuntu5.1)
Ubuntu 18.04 LTS (Bionic Beaver):released (1.2.10-1ubuntu2~ubuntu18.04.5)
Ubuntu 19.10 (Eoan Ermine):released (1.2.10-1ubuntu4.1)
Ubuntu 20.04 LTS (Focal Fossa):released (1.3.9-4ubuntu0.1)
Ubuntu 20.10 (Groovy Gorilla):pending (1.3.10-1)
Patches:
Upstream:https://github.com/fwupd/fwupd/commit/21f2d12fccef63b8aaa99ec53278ce18250b0444
Package
Upstream:needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 19.10 (Eoan Ermine):DNE
Ubuntu 20.04 LTS (Focal Fossa):needed
Ubuntu 20.10 (Groovy Gorilla):not-affected (0.1.3-1)
Patches:
Upstream:https://github.com/hughsie/libjcat/commit/839b89f45a38b2373bf5836337a33f450aaab72e
More Information

Updated: 2020-06-18 16:14:38 UTC (commit e68e16a7a826106828db41d67b55bc933c9cfd5f)