Update to shim 15.8
Bug #2051151 reported by
Mate Kukri
This bug affects 4 people
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
shim (Debian) |
Fix Released
|
Unknown
|
|||
shim (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned | ||
Focal |
Confirmed
|
Undecided
|
Mate Kukri | ||
Jammy |
Confirmed
|
Undecided
|
Mate Kukri | ||
Mantic |
Won't Fix
|
Undecided
|
Mate Kukri | ||
Noble |
Fix Released
|
Undecided
|
Unassigned | ||
shim-signed (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned | ||
Focal |
Confirmed
|
Undecided
|
Mate Kukri | ||
Jammy |
Confirmed
|
Undecided
|
Mate Kukri | ||
Mantic |
Won't Fix
|
Undecided
|
Mate Kukri | ||
Noble |
Fix Released
|
Undecided
|
Unassigned |
Bug Description
[Impact]
shim 15.7 is affected by multiple CVEs, including a critical severity one allowing Secure Boot bypass when netbooting.
[Test Plan]
Make sure the system is bootable both from disk and network with the new shim on each affected series
[Where problems could occur]
Boot regressions are always possible when updating such a critical component.
CVE References
tags: | added: upgrade-software-version |
Changed in shim (Debian): | |
status: | Unknown → New |
description: | updated |
description: | updated |
Changed in shim (Debian): | |
status: | New → Fix Committed |
Changed in shim (Debian): | |
status: | Fix Committed → Fix Released |
To post a comment you must log in.
Status changed to 'Confirmed' because the bug affects multiple users.