USN-4395-1: fwupd vulnerability
USN-4395-1: fwupd vulnerability fwupd vulnerability A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 20.04 LTS Ubuntu 19.10 Ubuntu 18.04 LTS Ubuntu 16.04 LTS Summary fwupd could be made to install an unsigned firmware. Software Description fwupd – Firmware update daemon Details Justin Steven discovered that fwupd incorrectly handled certain signature verification. An attacker could possibly use this issue to install an unsigned firmware. Update instructions The problem can be corrected by updating your system to the following package versions: Ubuntu 20.04 LTS fwupd – 1.3.9-4ubuntu0.1 libfwupd2 – 1.3.9-4ubuntu0.1 Ubuntu 19.10 fwupd – 1.2.10-1ubuntu4.1 libfwupd2 – 1.2.10-1ubuntu4.1 Ubuntu 18.04 LTS fwupd – 1.2.10-1ubuntu2~ubuntu18.04.5 libfwupd2 – 1.2.10-1ubuntu2~ubuntu18.04.5 Ubuntu 16.04 LTS fwupd – 0.8.3-0ubuntu5.1 libfwupd1 – 0.8.3-0ubuntu5.1 To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades. In general, a standard system update will make all the necessary changes. References [ more… ]