File _patchinfo of Package patchinfo.16059

Overview Repositories Revisions Requests Users Attributes Meta

File _patchinfo of Package patchinfo.16059

<patchinfo incident="16059">
  <issue tracker="bnc" id="1168994">VUL-0: CVE-2020-10713: grub2: parsing overflows can bypass secure boot restrictions</issue>
  <issue tracker="cve" id="2020-10713"></issue>
  <issue tracker="bnc" id="1175626">Recent update run on August 21, 2020 kills bootloader</issue>
  <issue tracker="bnc" id="1175656">Pending MOK request forced bootx64.efi to shut down the system</issue>
  <packager>gary_lin</packager>
  <rating>moderate</rating>
  <category>security</category>
  <summary>Security update for shim</summary>
  <description>This update for shim fixes the following issues:

- Update to the unified shim binary from SUSE Linux Enterprise 15-SP1 (bsc#1168994)

This update addresses the "BootHole" security issue (master CVE CVE-2020-10713), by
disallowing binaries signed by the previous SUSE UEFI signing key from booting.

This update should only be installed after updates of grub2, the Linux kernel and (if used)
Xen from July / August 2020 are applied.

Additional fixes:

+ shim-install: install MokManager to \EFI\boot to process the pending MOK request (bsc#1175626, bsc#1175656)

</description>
<message>Please make sure that all "BootHole" related security updates are installed (grub2, kernel, and possibly xen) before rebooting with this updated shim.</message>
</patchinfo>

Places

File _patchinfo of Package patchinfo.16059

Places