[Group.of.nepali.translators] [Bug 1401532] Re: GRUB's Secure Boot implementation loads unsigned kernel without warning

Released in grub2-signed (1.66.26). ** Changed in: grub2-signed (Ubuntu Xenial) Status: In Progress => Fix Released -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs

[Group.of.nepali.translators] [Bug 1401532] Re: GRUB's Secure Boot implementation loads unsigned kernel without warning

This bug was fixed in the package grub2 - 2.02~beta2-36ubuntu3.26 --- grub2 (2.02~beta2-36ubuntu3.26) xenial; urgency=medium [ Chris Coulson ] * SECURITY UPDATE: Heap buffer overflow when encountering commands that cannot be tokenized to less than 8192 characters. -

[Group.of.nepali.translators] [Bug 1401532] Re: GRUB's Secure Boot implementation loads unsigned kernel without warning

This bug was fixed in the package grub2 - 2.02~beta2-9ubuntu1.17 --- grub2 (2.02~beta2-9ubuntu1.17) trusty; urgency=medium * debian/grub-check-signatures: check kernel signatures against keys known in firmware, in case a kernel is signed but not using a key that will pass

[Group.of.nepali.translators] [Bug 1401532] Re: GRUB's Secure Boot implementation loads unsigned kernel without warning

This bug was fixed in the package grub2-signed - 1.93.13 --- grub2-signed (1.93.13) bionic; urgency=medium * Rebuild against grub2 2.02-2ubuntu8.12. grub2-signed (1.93.12) bionic; urgency=medium * Rebuild against grub2 2.02-2ubuntu8.11. (LP: #1401532) (LP: #1814403) (LP:

[Group.of.nepali.translators] [Bug 1401532] Re: GRUB's Secure Boot implementation loads unsigned kernel without warning

This bug was fixed in the package grub2 - 2.02-2ubuntu8.12 --- grub2 (2.02-2ubuntu8.12) bionic; urgency=medium * debian/grub-check-signatures: make sure grub-check-signatures conserves its execute bit. grub2 (2.02-2ubuntu8.11) bionic; urgency=medium [ Mathieu

[Group.of.nepali.translators] [Bug 1401532] Re: GRUB's Secure Boot implementation loads unsigned kernel without warning

This probably should not have been closed as Fix Released quite yet. A gsbx64.efi binary was being built, which allowed enforcement. Now, the proper fix to never allow unsigned / invalidly signed kernels has landed in Cosmic; so proceeding with the SRUs. ** No longer affects: grub2 (Ubuntu

[Group.of.nepali.translators] [Bug 1401532] Re: GRUB's Secure Boot implementation loads unsigned kernel without warning

This bug was fixed in the package grub2 - 2.02-2ubuntu1 --- grub2 (2.02-2ubuntu1) bionic; urgency=medium * Merge with Debian; remaining changes: - debian/patches/support_initrd-less_boot.patch: Added knobs to allow non-initrd boot config. (LP: #1640878) - Disable

[Group.of.nepali.translators] [Bug 1401532] Re: GRUB's Secure Boot implementation loads unsigned kernel without warning

This bug was fixed in the package grub2 - 2.02~beta3-4ubuntu2 --- grub2 (2.02~beta3-4ubuntu2) zesty; urgency=medium * debian/build-efi-images: provide a new grub EFI image which enforces that loaded kernels are signed for Secure Boot: build gsb$arch.efi; which is the same

[Group.of.nepali.translators] [Bug 1401532] Re: GRUB's Secure Boot implementation loads unsigned kernel without warning

I'm updating the description for this bug and opening a grub2-signed task (and the relevant release tasks). We're at the point where the grub2 fallback code needs to be addressed. ** Description changed: + [Rationale] + GRUB should help us enforce that in UEFI mode, only signed kernels are