[Bug 1786491] Re: grub2 verify signed kernel exists or abort upgrade
Launchpad Bug Tracker
1786491 at bugs.launchpad.net
Thu Aug 23 08:10:33 UTC 2018
This bug was fixed in the package grub2-signed - 1.93.4
---------------
grub2-signed (1.93.4) bionic; urgency=medium
* Rebuild against grub2 2.02-2ubuntu8.3 and check kernel is signed on
amd64 EFI before installing grub (LP: #1786491).
-- Julian Andres Klode <juliank at ubuntu.com> Mon, 13 Aug 2018 12:51:32
+0200
** Changed in: grub2-signed (Ubuntu Bionic)
Status: Fix Committed => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to grub2-signed in Ubuntu.
https://bugs.launchpad.net/bugs/1786491
Title:
grub2 verify signed kernel exists or abort upgrade
Status in grub2 package in Ubuntu:
Fix Released
Status in grub2-signed package in Ubuntu:
Fix Released
Status in grub2 source package in Bionic:
Fix Released
Status in grub2-signed source package in Bionic:
Fix Released
Status in grub2 source package in Cosmic:
Fix Released
Status in grub2-signed source package in Cosmic:
Fix Released
Bug description:
[Impact]
grub2 should fail to install if no signed kernels exist
[Test case]
On a secure boot system:
* Install grub-efi-amd64{,signed} and signed kernel => installs
* Install grub-efi-amd64{,signed} and only unsigned kernel => prevents
On a non-secure-boot system:
* Install grub-efi-amd64{,signed} and only unsigned kernel => installs
[Regression potential]
Upgrades can break.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/grub2/+bug/1786491/+subscriptions
More information about the foundations-bugs
mailing list