shim-signed 1.33.1~16.04.4 source package in Ubuntu


shim-signed (1.33.1~16.04.4) xenial; urgency=medium

  * update-secureboot-policy: (LP: #1748983)
    - Backport update-secureboot-policy changes to generate a MOK and guide
      users through re-enabling validation and automatically signing DKMS
  * debian/shim-signed.postinst:
    - When triggered, explicitly try to enroll the available MOK.
  * debian/shim-signed.install, openssl.cnf: Install some default configuration
    for creating our self-signed key.
  * debian/shim-signed.dirs: make sure we have a directory where to put a MOK.
  * debian/templates: update templates for update-secureboot-policy changes.
  * debian/control: Breaks dkms (<< since we're changing
    the behavior of update-secureboot-policy.

 -- Mathieu Trudel-Lapierre <email address hidden>  Mon, 28 Jan 2019 10:22:31 -0500

Upload details

Uploaded by:
Mathieu Trudel-Lapierre on 2019-01-28
Uploaded to:
Original maintainer:
Steve Langasek
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section
Xenial updates on 2019-02-14 main utils


Xenial: [FULLYBUILT] amd64


File Size SHA-256 Checksum
shim-signed_1.33.1~16.04.4.tar.xz 338.8 KiB af2474f0deab6b8fe86a2805f2adba51543c3337a563e7d76412918a2c299331
shim-signed_1.33.1~16.04.4.dsc 1.7 KiB 90bc064f585717dfb3a919dc9dd91088244e6e4349ac04631c737143574a3eef

Available diffs

View changes file

Binary packages built by this source

shim-signed: Secure Boot chain-loading bootloader (Microsoft-signed binary)

 This package provides a minimalist boot loader which allows verifying
 signatures of other UEFI binaries against either the Secure Boot DB/DBX or
 against a built-in signature database. Its purpose is to allow a small,
 infrequently-changing binary to be signed by the UEFI CA, while allowing
 an OS distributor to revision their main bootloader independently of the CA.
 This package contains the version of the bootloader binary signed by the
 Microsoft UEFI CA.