[Bug 1087843] Re: [MIR] secureboot-db

Thu Nov 7 16:40:18 UTC 2013

This bug was fixed in the package shim-signed - 1.4

---------------
shim-signed (1.4) trusty; urgency=low

  * Add a dependency on shim, so that we can pull in MokManager for use.
  * Update to the signed 0.4-0ubuntu4 binary from Microsoft.
 -- Steve Langasek <steve.langasek at ubuntu.com>   Wed, 30 Oct 2013 15:04:23 -0700

** Changed in: shim-signed (Ubuntu Precise)
       Status: New => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to grub2-signed in Ubuntu.
https://bugs.launchpad.net/bugs/1087843

Title:
  [MIR] secureboot-db

Status in “grub2-signed” package in Ubuntu:
  Fix Released
Status in “secureboot-db” package in Ubuntu:
  Fix Released
Status in “shim-signed” package in Ubuntu:
  Fix Released
Status in “grub2-signed” source package in Precise:
  Fix Released
Status in “secureboot-db” source package in Precise:
  Fix Released
Status in “shim-signed” source package in Precise:
  Fix Released
Status in “grub2-signed” source package in Quantal:
  Fix Released
Status in “secureboot-db” source package in Quantal:
  Fix Released
Status in “shim-signed” source package in Quantal:
  New
Status in “grub2-signed” source package in Raring:
  Fix Released
Status in “secureboot-db” source package in Raring:
  Fix Released
Status in “shim-signed” source package in Raring:
  Fix Released

Bug description:
  Availability: The package is in universe in 13.04 (pending bug
  #1081700)

  Rationale: This package is provided as part of Ubuntu's secure boot
  strategy and will also be backported to 12.04 LTS and 12.10 as part of
  https://blueprints.launchpad.net/ubuntu/+spec/foundations-r-secure-
  boot.

  Security: The package is new and has no security history. It is also
  simple and only ships data and runs sbkeysync in postinstall.

  Quality assurance: there is no special configuration. Install the
  package and updates to DB and DBX are automatically performed in
  postinst via sbkeysync. There are no debconf questions or outstanding
  bugs. The package is for Ubuntu only, which is why it uses native
  packaging. There is no testsuite as there is no code to test. The
  package is lintian clean. The package ships a README.source which
  details how to add new signed updates to the package and testing
  procedures are documented and given to Foundations, QA, Security and
  PES.

  UI standards: N/A

  Dependencies: the package has a binary dependency on sbsigntool, which
  is already in main.

  Standards compliance: The package meets FHS and Debian Policy
  standards.

  Maintenance: The package will be maintained by Ubuntu Foundations and
  Ubuntu Security.

  Background information: In order to properly support secure boot, we
  need a method to update the DB and DBX key databases to support key
  rotation and blacklisting.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/grub2-signed/+bug/1087843/+subscriptions