This bug was fixed in the package grub2 - 2.02+dfsg1-5ubuntu8.1
---------------
grub2 (2.02+dfsg1-5ubuntu8.1) cosmic; urgency=medium
[ Mathieu Trudel-Lapierre ]
* debian/grub-check-signatures: check kernel signatures against keys known
in firmware, in case a kernel is signed but not using a key that will pass
validation, such as when using kernels coming from a PPA. (LP: #1789918)
* debian/patches/mkconfig_leave_breadcrumbs.patch: make sure grub-mkconfig
leaves a trace of what files were sourced to help generate the config
we're building. (LP: #1812863)
[ Steve Langasek ]
* debian/patches/quick-boot-lvm.patch: If we don't have writable
grubenv and we're on EFI, always show the menu. Closes LP: #1800722.
-- Mathieu Trudel-Lapierre <[email protected]> Tue, 22 Jan 2019
09:57:07 -0500
** Changed in: grub2 (Ubuntu Cosmic)
Status: Fix Committed => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1789918
Title:
grub2 signed kernel enforcement doesn't check on upgrade that
signatures are from trusted keys
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/grub2/+bug/1789918/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
