fwupd
Link | package | bugs open | bugs closed | Wiki | GitHub | web search |
Description | Simple daemon to allow session software to update firmware |
Version | 2.0.3-2 [extra] |
Resolved
Group | Affected | Fixed | Severity | Status | Ticket |
---|---|---|---|---|---|
AVG-1186 | 0.1.2-1 | 1.4.0-1 | High | Fixed |
Issue | Group | Severity | Remote | Type | Description |
---|---|---|---|---|---|
CVE-2020-10759 | AVG-1186 | High | Yes | Insufficient validation | A PGP signature verification bypass has been found in fwupd prior to 1.4.0, and in libjcat <= 0.1.2. The issue is that if a detached signature is actually a... |