{"affected":[{"ecosystem_specific":{"binaries":[{"pcr-oracle":"0.4.6-2.1","shim":"15.8-1.1"}]},"package":{"ecosystem":"SUSE:Linux Micro 6.0","name":"pcr-oracle","purl":"pkg:rpm/suse/pcr-oracle&distro=SUSE%20Linux%20Micro%206.0"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"0.4.6-2.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"pcr-oracle":"0.4.6-2.1","shim":"15.8-1.1"}]},"package":{"ecosystem":"SUSE:Linux Micro 6.0","name":"shim","purl":"pkg:rpm/suse/shim&distro=SUSE%20Linux%20Micro%206.0"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"15.8-1.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for pcr-oracle, shim fixes the following issues:\n\npcr-oracle:\n\n- predict SbatLevelRT for the next boot (bsc#1230316)\n\nshim was updated to version 15.8:\n\n- Update shim-install to use the 'removable' way for encrypted\n  SL-Micro images (bsc#1230316)\n  * Always use the removable way for SL-Micro\n  * Limit the removable option to encrypted SL-Micro\n\n\nSecurity issues fixed:\n\n- mok: fix LogError() invocation (bsc#1215099,CVE-2023-40546)\n- avoid incorrectly trusting HTTP headers (bsc#1215098,CVE-2023-40547)\n- Fix integer overflow on SBAT section size on 32-bit system (bsc#1215100,CVE-2023-40548)\n- Authenticode: verify that the signature header is in bounds (bsc#1215101,CVE-2023-40549)\n- pe: Fix an out-of-bound read in verify_buffer_sbat() (bsc#1215102,CVE-2023-40550)\n- pe-relocate: Fix bounds check for MZ binaries (bsc#1215103,CVE-2023-40551)\n\n\n","id":"SUSE-SU-2025:20136-1","modified":"2025-03-07T15:31:20Z","published":"2025-03-07T15:31:20Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2025/suse-su-202520136-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1215098"},{"type":"REPORT","url":"https://bugzilla.suse.com/1215099"},{"type":"REPORT","url":"https://bugzilla.suse.com/1215100"},{"type":"REPORT","url":"https://bugzilla.suse.com/1215101"},{"type":"REPORT","url":"https://bugzilla.suse.com/1215102"},{"type":"REPORT","url":"https://bugzilla.suse.com/1215103"},{"type":"REPORT","url":"https://bugzilla.suse.com/1230316"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2023-40546"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2023-40547"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2023-40548"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2023-40549"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2023-40550"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2023-40551"}],"related":["CVE-2023-40546","CVE-2023-40547","CVE-2023-40548","CVE-2023-40549","CVE-2023-40550","CVE-2023-40551"],"summary":"Security update for pcr-oracle, shim","upstream":["CVE-2023-40546","CVE-2023-40547","CVE-2023-40548","CVE-2023-40549","CVE-2023-40550","CVE-2023-40551"]}