Package: grub-efi-amd64-bin Version: 1+2.06+5 Severity: grave Tags: security Justification: user security hole X-Debbugs-Cc: Debian Security Team <t...@security.debian.org>
After upgrade to 2.06-5, I get an error message "prohibited by secure boot policy" and it boot with a strange look with \xe7caracaters instead of lines. I build my own kernel and enrolled my owns keys, sign the linux kernel binarry and the mdoules with the keys. Everythong was working fine with 2.06-3. I also noticed that my enrolled keys is no more listed via "mokutil --list-enrolled". Although no key were cleared. -- System Information: Debian Release: bookworm/sid APT prefers stable-security APT policy: (500, 'stable-security'), (500, 'unstable'), (500, 'testing'), (1, 'experimental') merged-usr: no Architecture: amd64 (x86_64) Kernel: Linux 5.10.155 (SMP w/8 CPU threads; PREEMPT) Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE Locale: LANG=fr_FR.UTF8, LC_CTYPE=fr_FR.UTF8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /bin/bash Init: systemd (via /run/systemd/system) Versions of packages grub-efi-amd64-signed depends on: ii grub-common 2.06-5 Versions of packages grub-efi-amd64-signed recommends: ii shim-signed 1.38+15.4-7 grub-efi-amd64-signed suggests no packages. Versions of packages grub-efi-amd64-bin depends on: ii grub-common 2.06-5 Versions of packages grub-efi-amd64-bin recommends: ii efibootmgr 17-1 -- no debconf information
