[Bug 2051151] Re: Update to shim 15.8
Mate Kukri
2051151 at bugs.launchpad.net
Tue Aug 20 13:57:11 UTC 2024
Did a (not so) quick port of u-b-t to Jammy:
- All the local boot and SB tests pass on both arm64/amd64
- Netboot via PXEv4/PXEv6 is fine
- Netboot via HTTP is broken, but this isn't a regression, it doesn't work with the old shim either
** Tags removed: verification-needed-jammy
** Tags added: verification-done-jammy
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to shim-signed in Ubuntu.
https://bugs.launchpad.net/bugs/2051151
Title:
Update to shim 15.8
Status in shim package in Ubuntu:
Fix Released
Status in shim-signed package in Ubuntu:
Fix Released
Status in shim source package in Focal:
Fix Committed
Status in shim-signed source package in Focal:
Fix Committed
Status in shim source package in Jammy:
Fix Committed
Status in shim-signed source package in Jammy:
Fix Committed
Status in shim source package in Mantic:
Won't Fix
Status in shim-signed source package in Mantic:
Won't Fix
Status in shim source package in Noble:
Fix Released
Status in shim-signed source package in Noble:
Fix Released
Status in shim package in Debian:
Fix Released
Bug description:
[Impact]
shim 15.7 is affected by multiple CVEs, including a critical severity
one allowing Secure Boot bypass when netbooting.
[Test Plan]
Make sure the system is bootable both from disk and network with the
new shim on each affected series
[Where problems could occur]
Boot regressions are always possible when updating such a critical
component.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/shim/+bug/2051151/+subscriptions
More information about the foundations-bugs
mailing list