File _patchinfo of Package patchinfo.17514

<patchinfo incident="17514">
  <issue tracker="bnc" id="1177789">VUL-1: CVE-2019-14584: ovmf,shim: NULL pointer dereference in AuthenticodeVerify()</issue>
  <issue tracker="bnc" id="1183579">VUL-0: CVE-2021-28210: ovmf: unlimited FV recursion, round 2</issue>
  <issue tracker="bnc" id="1183578">VUL-0: CVE-2021-28211: ovmf: edk2: possible heap corruption with LzmaUefiDecompressGetInfo</issue>
  <issue tracker="bnc" id="1186151">VUL-0: ovmf: NetworkPkg/IScsiDxe: remotely exploitable buffer overflows</issue>
  <issue tracker="cve" id="2019-14584"/>
  <issue tracker="cve" id="2021-28211"/>
  <issue tracker="cve" id="2021-28210"/>
  <packager>gary_lin</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for ovmf</summary>
  <description>This update for ovmf fixes the following issues:

- Fixed a possible buffer overflow in IScsiDxe (bsc#1186151)
- CVE-2021-28211: ovmf: edk2: possible heap corruption with LzmaUefiDecompressGetInfo (bsc#1183578)
- CVE-2021-28210: ovmf: unlimited FV recursion, round 2 (bsc#1183579)
- CVE-2019-14584: ovmf,shim: NULL pointer dereference in AuthenticodeVerify() (bsc#1177789)
</description>
</patchinfo>