This bug was fixed in the package grub2 - 2.02~beta3-4ubuntu2 --------------- grub2 (2.02~beta3-4ubuntu2) zesty; urgency=medium
* debian/build-efi-images: provide a new grub EFI image which enforces that loaded kernels are signed for Secure Boot: build gsb$arch.efi; which is the same as grub$arch.efi minus the 'linux' module. Without fallback to 'linux' for unsigned loading, this makes it effectively enforce having a signed kernel. (LP: #1401532) -- Mathieu Trudel-Lapierre <cypher...@ubuntu.com> Thu, 30 Mar 2017 17:45:23 -0400 ** Changed in: grub2 (Ubuntu Zesty) Status: Triaged => Fix Released ** Changed in: grub2-signed (Ubuntu Zesty) Status: Triaged => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1401532 Title: GRUB's Secure Boot implementation loads unsigned kernel without warning To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/grub2/+bug/1401532/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs