This bug was fixed in the package grub2 - 2.02~beta2-9ubuntu1.17
---------------
grub2 (2.02~beta2-9ubuntu1.17) trusty; urgency=medium
* debian/grub-check-signatures: check kernel signatures against keys known
in firmware, in case a kernel is signed but not using a key that will pass
validation, such as when using kernels coming from a PPA. (LP: #1789918)
* debian/patches/linuxefi_disable_sb_fallback.patch: Disallow unsigned
kernels if UEFI Secure Boot is enabled. If UEFI Secure Boot is enabled
and kernel signature verification fails, do not boot the kernel. Patch
from Linn Crosetto. (LP: #1401532)
-- Mathieu Trudel-Lapierre <[email protected]> Fri, 22 Mar 2019
11:36:54 -0400
** Changed in: grub2 (Ubuntu Trusty)
Status: Fix Committed => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1789918
Title:
grub2 signed kernel enforcement doesn't check on upgrade that
signatures are from trusted keys
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/grub2/+bug/1789918/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
