openSUSE: 2021:0598-1 Important Fix For Shim System Boot Error

opensuse

April 23, 2021

An update that solves one vulnerability and has 7 fixes is now available

Description

This update for shim fixes the following issues:

- Updated openSUSE x86 signature

- Avoid the error message during linux system boot (boo#1184454)

- Prevent the build id being added to the binary. That can cause issues

with the signature

Update to 15.4 (boo#1182057)

+ Rename the SBAT variable and fix the self-check of SBAT

+ sbat: add more dprint()

+ arm/aa64: Swizzle some sections to make old sbsign happier

+ arm/aa64 targets: put .rel* and .dyn* in .rodata

- Change the SBAT variable name and enhance the handling of SBAT

(boo#1182057)

Update to 15.3 for SBAT support (boo#1182057)

+ Drop gnu-efi from BuildRequires since upstream pull it into the

- Generate vender-specific SBAT metadata

+ Add dos2unix to BuildRequires since Makefile requires it for vendor

SBAT

- Update dbx-cert.tar.xz and vendor-dbx.bin to block the following sign

keys:

+ SLES-UEFI-SIGN-Certificate-2020-07.crt

+...

Read the Full Advisory

Topics Covered

security advisory critical issue security fix system patch important fix openSUSE shim update boot error system boot error

Patch

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods

like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Leap 15.2:

zypper in -t patch openSUSE-2021-598=1

Package List

- openSUSE Leap 15.2 (x86_64):

shim-15.4-lp152.4.8.1

shim-debuginfo-15.4-lp152.4.8.1

shim-debugsource-15.4-lp152.4.8.1

References

https://www.suse.com/security/cve/CVE-2019-14584.html

https://bugzilla.suse.com/1173411

https://bugzilla.suse.com/1174512

https://bugzilla.suse.com/1175509

https://bugzilla.suse.com/1177315

https://bugzilla.suse.com/1177404

https://bugzilla.suse.com/1177789

https://bugzilla.suse.com/1182057

https://bugzilla.suse.com/1184454

Severity

important

Lowest

Low

Medium

High

Critical

Announcement ID: openSUSE-SU-2021:0598-1

Rating: important

Affected Products: openSUSE Leap 15.2 ble.

Topics Covered

security advisory critical issue security fix system patch important fix openSUSE shim update boot error system boot error

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Like staying secure? So do we.
Sign up for updates, tips, and alerts!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

openSUSE: 2021:0598-1 Important Fix For Shim System Boot Error

Description

Topics Covered

Patch

Package List

References

Topics Covered

Get the latest News and Insights

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

openSUSE: 2021:0598-1 Important Fix For Shim System Boot Error

Description

Topics Covered

Patch

Package List

References

Topics Covered

Get the latest News and Insights

Related Articles

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!