-
Notifications
You must be signed in to change notification settings - Fork 3
/
Copy pathDBXUpdate-20230314.ia32.metainfo.xml
53 lines (53 loc) · 2.06 KB
/
DBXUpdate-20230314.ia32.metainfo.xml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
<?xml version="1.0" encoding="UTF-8"?>
<!-- Copyright 2022 Richard Hughes <[email protected]> -->
<component type="firmware">
<id>org.linuxfoundation.dbx.ia32.firmware</id>
<name>Secure Boot dbx</name>
<name_variant_suffix>ia32</name_variant_suffix>
<summary>UEFI Secure Boot Forbidden Signature Database</summary>
<description>
<p>
Updating the UEFI dbx prevents starting EFI binaries with known security issues.
</p>
</description>
<provides>
<!-- Microsoft Corporation KEK CA 2011 -
UEFI\CRT_A1117F516A32CEFCBA3F2D1ACE10A87972FD6BBE8FE0D0B996E09E65D802A503&ARCH_IA32 -->
<firmware type="flashed">ec642137-d87f-5c5a-be37-d3fa9b5c0ef2</firmware>
</provides>
<url type="homepage">https://uefi.org/revocationlistfile</url>
<metadata_license>CC0-1.0</metadata_license>
<project_license>proprietary</project_license>
<developer_name>Microsoft Corporation</developer_name>
<releases>
<!-- for the version use `fwupdtool firmware-parse foo.bin efi-signature-list` -->
<release urgency="high" version="57" date="2023-03-14">
<checksum filename="DBXUpdate-20230314.ia32.bin" target="content"/>
<description>
<p>
An insecure version of software from Trend Micro has been added to the list of forbidden
signatures due to a discovered security problem.
This updates the dbx to the latest release from Microsoft.
</p>
<p>
Before installing the update, fwupd will check for any affected executables
in the ESP and will refuse to update if it finds any boot binaries signed
with any of the forbidden signatures.
</p>
</description>
<issues>
<issue type="cve">CVE-2023-28005</issue>
</issues>
</release>
</releases>
<requires>
<id compare="ge" version="1.8.14">org.freedesktop.fwupd</id>
</requires>
<custom>
<value key="LVFS::UpdateProtocol">org.uefi.dbx</value>
<value key="LVFS::VersionFormat">number</value>
</custom>
<categories>
<category>X-Configuration</category>
</categories>
</component>