Project

General

Profile

Actions
Copy link

action #56300

closed

get signed shim

Added by lnussel over 5 years ago. Updated over 4 years ago.

Status:
Resolved
Priority:
Normal
Assignee:
-
Category:
Release Engineering
Target version:
Beta
Start date:
2020-01-24
Due date:
2020-03-27
% Done:

100%

Estimated time:

Description

Talk to security to request and submit a properly signed shim

Shim is mean to be built on a stable distro, eg $Leap-.1. During the submission period to Microsoft it may not be possible to update some packages, eg binutils or openssl to make sure the build stays reproducible. After acquiring the new signature, submit shim to the stable distro to get it officially built and released. Fetch the rpm and put it in the "shim-leap" package for repacking in other code streams like $Leap and TW.

Related issues 1 (0 open1 closed)

Copied from openSUSE Leap 15.1 - action #39383: get signed shimClosed2019-01-252019-03-29

Actions
Actions
Copy link
 #1

Updated by lnussel over 5 years ago

Actions
Copy link
 #2

Updated by lnussel about 5 years ago

  • Description updated (diff)
Actions
Copy link
 #3

Updated by lkocman over 4 years ago

  • % Done changed from 0 to 50
Actions
Copy link
 #4

Updated by lkocman over 4 years ago

  • Status changed from New to Resolved
  • % Done changed from 50 to 100

Therefore is there any pending work on shim side for openSUSE Leap
15.2?

not at the moment. We have several issues with the process of getting a new
signed shim. We try to resolve those but we only have limited control over
some parts of this.

For now you can reuse the existing shim. We will probably need to update
the existing shim due to some security issue in grub, but ATM we don't know
how to do that with the process as it currently is.

Johannes

Actions
Copy link

Also available in: Atom PDF