Verification-done on trusty: ii grub-common 2.02~beta2-9ubuntu1.17 amd64 GRand Unified Bootloader (common files) ii grub-efi-amd64 2.02~beta2-9ubuntu1.17 amd64 GRand Unified Bootloader, version 2 (EFI-AMD64 version) ii grub-efi-amd64-bin 2.02~beta2-9ubuntu1.17 amd64 GRand Unified Bootloader, version 2 (EFI-AMD64 binaries) ii grub-efi-amd64-signed 1.34.19+2.02~beta2-9ubuntu1.17 amd64 GRand Unified Bootloader, version 2 (EFI-AMD64 version, signed) ii grub-legacy-ec2 0.7.5-0ubuntu1.23 all Handles update-grub for ec2 instances ii grub-pc-bin 2.02~beta2-9ubuntu1.17 amd64 GRand Unified Bootloader, version 2 (PC/BIOS binaries) ii grub2-common 2.02~beta2-9ubuntu1.17 amd64 GRand Unified Bootloader (common files for version 2)
Kernel signatures are correctly enforced, but a postinst check is missing in grub2-signed to check signatures before applying the next update (missing in grub2-signed 1.34.19) ** Tags removed: verification-needed-trusty ** Tags added: verification-done-trusty -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1789918 Title: grub2 signed kernel enforcement doesn't check on upgrade that signatures are from trusted keys To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/grub2/+bug/1789918/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
