Hi Dimitri!
On 7/29/20 11:20 PM, Dimitri John Ledkov wrote:
> Disclosures were done to a subset of binary distributions that have a
> trust path to shims signed with Microsoft UEFI CA 2011 db key. Arch
> Linux does not provide shim-signed with keys controlled by Arch Linux
> and it doesn't provide
On Wed, 29 Jul 2020 at 21:20, John Paul Adrian Glaubitz
wrote:
>
> On 7/29/20 10:12 PM, Christian Hesse wrote:
> > This does not apply on top of grub 2.04. Will downstream maintainers have to
> > do their cherry-picking on its own or will a maintenance branch on top of
> > grub-2.04 (or what ever)
On 7/29/20 10:12 PM, Christian Hesse wrote:
> This does not apply on top of grub 2.04. Will downstream maintainers have to
> do their cherry-picking on its own or will a maintenance branch on top of
> grub-2.04 (or what ever) be available?
> I would like to push updates to the Arch Linux repositori
Daniel Kiper on Wed, 2020/07/29 19:00:
> I am posting all the GRUB2 upstream patches which fixes all security bugs
> found and reported up until now. Major Linux distros carry or will carry
> soon one form or another of these patches. Now all the GRUB2 upstream
> patches are in the GRUB2 git repos
Hi all,
We have recently been made aware of a problem with GRUB2 by security research
firm Eclypsium that allows a bad actor to circumvent UEFI Secure Boot. Normally,
when Secure Boot is enabled, only modules [1] that have a valid signature can
be loaded. The bug allows this to be circumvented and