Fwupd 2.1.2 is now available as the latest maintenance update for the Linux firmware update service. A key enhancement is the new Host Security ID check for AMD SB-7033, also referred to as EntrySign.
Moreover, the update adds native CBOR parsing, eliminating the libcbor2 dependency. Additional features include support for setting device maximum version numbers, applying context flags from HWID matches, loading EFI authenticated variables with ContentInfo headers, and requiring Windows 8 or newer for the MSI build artifact.
Regarding firmware parsing, Fwupd 2.1.2 introduces a decompression ratio limit to prevent ZIP bomb attacks, restricts the number of files parsed from ZIP archives, ensures UEFI capsule payloads remain under 4 GiB, and establishes appropriate parsing limits across firmware subclasses.
On top of that, Fwupd 2.1.2 adds daemon support for modems exporting ttyUSB devices, resolves access issues with Nordic devices connected via dongle, enhances Nordic TK059 Keyboard update handling, restores the VID check in the Algoltek USBCR probe function, and addresses a UF2 race condition with UDisks2 volume discovery during replug.
Additionally, the progress bar now features higher-resolution updates and improved progress reporting while waiting for device replug.
Dell and Redfish support have also been improved. The release introduces a device activation flag for Dell servers following firmware upgrades, ensures proper handling of Dell iDRAC with Redfish, corrects the auto-generated Redfish HBA device name, and resolves a minor memory leak when writing Redfish firmware.
Additional fixes address Thunderbolt version reporting, Lenovo ThinkCentre M60e Tiny UEFI capsule handling, removable USB probing warnings, snapd payload handling, QMI firmware writes, Synaptics cxaudio EEPROM validation, Nordic HID peer index validation, CCGX record size checks before flash writes, and DFU sector validation to prevent potential infinite loops.
On the hardware support side, Fwupd 2.1.2 expands hardware support to include Elan TP IC type 0x19, Google Moonstone, HP 400 and 405 Mouse, Lenovo USB4 dock, LX Semicon SW42101 touch controller, Parade USB hubs with GPIO control, Pixart PLP239 devices, Raydium TP devices, and Sunplus cameras.
For more details, see the changelog.
