Hey all! On Tue, Jan 31, 2023 at 09:18:04PM +0100, Salvatore Bonaccorso wrote: >Utkarsh, > >On Tue, Jan 31, 2023 at 08:00:30PM +0000, Steve McIntyre wrote: >> On Wed, Feb 01, 2023 at 01:18:46AM +0530, Utkarsh Gupta wrote: >> >Hi Steve, >> > >> >On Tue, Jan 31, 2023 at 11:43 PM Salvatore Bonaccorso <car...@debian.org> >> >wrote: >> >> > I've just uploaded a new shim update for buster, based on the latest >> >> > update in unstable today. Please accept it quickly so we can get the >> >> > binaries out and signed ASAP? >> >> >> >> The upload is already accepted, but I'm including as well the LTS list >> >> for information (as the update should be accompanied with a DLA >> >> describing the update). >> > >> >Thank you for the upload. I can prepare the paperwork but can you >> >point out what bugs we're fixing in this update? I need to write >> >something in the advisory. :) >> >> It will eventually (once we get the signed version through) fix a few >> bugs, such as (skimming the BTS): >> >> * #995940 >> * #995155 >> >> and maybe others. More importantly, it's needed to keep us updated >> with recent shim requirements so Secure Boot will continue to >> work. Our older shim binaries are at risk of being blocked soon-ish. >> >> I'd be tempted to hold back on the DLA and write a single one for shim >> and shim-signed when that turns up. > >Some helpful context might be here: >https://lists.debian.org/debian-boot/2023/01/msg00221.html > >For the DLA, I think the situation is very similar to grub or linux, >only for the main source package the advisory is actually issued, but >not for the signed packages (but I might have missunderstood what you >wanted to propose).
As you'll have probably seen, I've uploaded shim-signed last night. Next up, some grub updates... -- Steve McIntyre, Cambridge, UK. st...@einval.com 'There is some grim amusement in watching Pence try to run the typical "politician in the middle of a natural disaster" playbook, however incompetently, while Trump scribbles all over it in crayon and eats some of the pages.' -- Russ Allbery
