Comment 0 for bug 1921134
Revision history for this message
| Dimitri John Ledkov (xnox) wrote SBAT shim 15.3 release | #0 |
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
1b1ed1a
(Get the code!)
[Impact]
* New upstream shim release 15.3
* It includes and enforces SBAT validation
[Test Plan]
* https:/
[Where problems could occur]
* Upgrading to new shim, without upgrading to the new grub with sbat will fail to boot, as grub must include SBAT section.
* Upgrading to new shim, without upgrading to the new fwupdate with sbat will fail to boot, as fwupdate must include SBAT section.
[Other Info]
* All patches are dropped, as all got included in the v15.3 upstream release
* Embedded ephemeral shim certificate is now gone, and archive key is used to sign fb/mm
* Vendor DBX is included that revokes Boothole & ACPI-bypass vulnerable grubs and shims