SUSE-RU-2021:2464-1: moderate: Recommended update for shim
sle-updates at lists.suse.com
sle-updates at lists.suse.com
Fri Jul 23 16:17:53 UTC 2021
SUSE Recommended Update: Recommended update for shim
______________________________________________________________________________
Announcement ID: SUSE-RU-2021:2464-1
Rating: moderate
References: #1185232 #1185261 #1185441 #1185464 #1185961
#1187071 #1187260 #1187696
Affected Products:
SUSE Linux Enterprise Module for Basesystem 15-SP3
______________________________________________________________________________
An update that has 8 recommended fixes can now be installed.
Description:
This update for shim fixes the following issues:
- shim-install: Always assume "removable" for Azure to avoid the endless
reset loop (bsc#1185464)
- Avoid deleting the mirrored RT variables (bsc#1187696)
- Split the keys in vendor-dbx.bin to vendor-dbx-sles and
vendor-dbx-opensuse for shim-sles and shim-opensuse to reduce the size
of MokListXRT (bsc#1185261)
+ Also update generate-vendor-dbx.sh in dbx-cert.tar.xz
- Handle ignore_db and user_insecure_mode correctly (bsc#1185441,
bsc#1187071)
- Relax the maximum variable size check for u-boot (bsc#1185621)
- Relax the check for import_mok_state() when Secure Boot is off.
(bsc#1185261)
- Ignore the odd LoadOptions length (bsc#1185232)
- shim-install: reset def_shim_efi to "shim.efi" if the given file doesn't
exist
- Fided the size of rela sections for AArch64
- Disable exporting vendor-dbx to MokListXRT since writing a large RT
variable could crash some machines (bsc#1185261)
- Avoid potential crash when calling QueryVariableInfo in EFI 1.10
machines (bsc#1187260)
- Avoid buffer overflow when copying data to the MOK config table
(bsc#1185232)
Patch Instructions:
To install this SUSE Recommended Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Module for Basesystem 15-SP3:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2021-2464=1
Package List:
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (aarch64 x86_64):
shim-15.4-4.7.1
shim-debuginfo-15.4-4.7.1
shim-debugsource-15.4-4.7.1
References:
https://bugzilla.suse.com/1185232
https://bugzilla.suse.com/1185261
https://bugzilla.suse.com/1185441
https://bugzilla.suse.com/1185464
https://bugzilla.suse.com/1185961
https://bugzilla.suse.com/1187071
https://bugzilla.suse.com/1187260
https://bugzilla.suse.com/1187696
More information about the sle-updates
mailing list