https://bugs.kde.org/show_bug.cgi?id=432589
--- Comment #3 from Xavier Vello <xavier.ve...@gmail.com> --- snapd is not welcome on my systems, but I checked the official flatpak and it only ships an unsigned EFI $ find /var/lib/flatpak/app/org.freedesktop.fwupd/ -iname *.efi* /var/lib/flatpak/app/org.freedesktop.fwupd/x86_64/stable/d0fd85cb1b12f7668ab365a4cb066c0928312eb62b33aab00ba840e279042cf0/files/libexec/fwupd/efi/fwupdx64.efi $ sbverify --list /var/lib/flatpak/app/org.freedesktop.fwupd/x86_64/stable/d0fd85cb1b12f7668ab365a4cb066c0928312eb62b33aab00ba840e279042cf0/files/libexec/fwupd/efi/fwupdx64.efi [...] No signature table present Comparing to the grub EFI signed by Canonical: $ sbverify --list /boot/efi/EFI/neon/grubx64.efi signature 1 image signature issuers: - /C=GB/ST=Isle of Man/L=Douglas/O=Canonical Ltd./CN=Canonical Ltd. Master Certificate Authority image signature certificates: - subject: /C=GB/ST=Isle of Man/O=Canonical Ltd./OU=Secure Boot/CN=Canonical Ltd. Secure Boot Signing (2017) issuer: /C=GB/ST=Isle of Man/L=Douglas/O=Canonical Ltd./CN=Canonical Ltd. Master Certificate Authority For users impacted by this, would downgrading to the 1.3.9-4 provided by the focal repositories (and installing the matching fwupd-signed package) be a viable option, or would it break something? -- You are receiving this mail because: You are watching all bug changes.
