shim-signed 1.33.1~14.04.4 source package in Ubuntu


shim-signed (1.33.1~14.04.4) trusty; urgency=medium

  * update-secureboot-policy: (LP: #1748983)
    - Backport update-secureboot-policy changes to generate a MOK and guide
      users through re-enabling validation and automatically signing DKMS
  * debian/shim-signed.postinst:
    - When triggered, explicitly try to enroll the available MOK.
  * debian/shim-signed.install, openssl.cnf: Install some default configuration
    for creating our self-signed key.
  * debian/shim-signed.dirs: make sure we have a directory where to put a MOK.
  * debian/templates: update templates for update-secureboot-policy changes.
  * debian/control: Breaks dkms (<< since we're
    changing the behavior of update-secureboot-policy.

 -- Mathieu Trudel-Lapierre <email address hidden>  Mon, 28 Jan 2019 11:02:00 -0500

Upload details

Uploaded by:
Mathieu Trudel-Lapierre on 2019-01-28
Uploaded to:
Original maintainer:
Steve Langasek
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section
Trusty updates on 2019-02-14 main utils


Trusty: [FULLYBUILT] amd64


File Size SHA-256 Checksum
shim-signed_1.33.1~14.04.4.tar.xz 313.4 KiB 82bbb6549dbbcb84b32130287f6eb30a3c926ac8ab75839c6b503cd130addc46
shim-signed_1.33.1~14.04.4.dsc 1.7 KiB 772a595d463001ffd111834f62e7b786a2139f59257f2d25cf03ff00aeacbb3b

Available diffs

View changes file

Binary packages built by this source

shim-signed: Secure Boot chain-loading bootloader (Microsoft-signed binary)

 This package provides a minimalist boot loader which allows verifying
 signatures of other UEFI binaries against either the Secure Boot DB/DBX or
 against a built-in signature database. Its purpose is to allow a small,
 infrequently-changing binary to be signed by the UEFI CA, while allowing
 an OS distributor to revision their main bootloader independently of the CA.
 This package contains the version of the bootloader binary signed by the
 Microsoft UEFI CA.