This update for shim fixes the following issues:
shim is updated to version 16.1:
* shim_start_image(): fix guid/handle pairing when uninstalling protocols
* Fix uncompressed ipv6 netboot
* fix test segfaults caused by uninitialized memory
* SbatLevel_Variable.txt: minor typo fix.
* Realloc() needs to allocate one more byte for sprintf()
* IPv6: Add more check to avoid multiple double colon and illegal char
* Loader proto v2
* loader-protocol: add workaround for EDK2 2025.02 page fault on FreePages
* Generate Authenticode for the entire PE file
* README: mention new loader protocol and interaction with UKIs
* shim: change automatically enable MOK_POLICY_REQUIRE_NX
* Save var info
* add SbatLevel entry 2025051000 for PSA-2025-00012-1
* Coverity fixes 20250804
* fix http boot
* Fix double free and leak in the loader protocol
shim is updated to version 16.0:
* Validate that a supplied vendor cert is not in PEM format
* sbat: Add grub.peimage,2 to...
Read the Full Advisory## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* openSUSE Leap 15.3
zypper in -t patch SUSE-2026-741=1
* openSUSE Leap 15.6
zypper in -t patch openSUSE-SLE-15.6-2026-741=1
* SUSE Linux Enterprise Micro for Rancher 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2026-741=1
* SUSE Linux Enterprise Micro 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2026-741=1
* SUSE Linux Enterprise Micro for Rancher 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2026-741=1
* SUSE Linux Enterprise Micro 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2026-741=1
* SUSE Linux Enterprise Micro 5.5
zypper in -t patch SUSE-SLE-Micro-5.5-2026-741=1
* Basesystem Module 15-SP7
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2026-741=1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2026-741=1
* SUSE Linux Enterprise High...
Read the Full Advisory* openSUSE Leap 15.3 (aarch64 x86_64)
* shim-16.1-150300.4.31.3
* shim-debugsource-16.1-150300.4.31.3
* shim-debuginfo-16.1-150300.4.31.3
* openSUSE Leap 15.6 (aarch64 x86_64)
* shim-16.1-150300.4.31.3
* shim-debugsource-16.1-150300.4.31.3
* shim-debuginfo-16.1-150300.4.31.3
* SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 x86_64)
* shim-16.1-150300.4.31.3
* shim-debugsource-16.1-150300.4.31.3
* shim-debuginfo-16.1-150300.4.31.3
* SUSE Linux Enterprise Micro 5.3 (aarch64 x86_64)
* shim-16.1-150300.4.31.3
* shim-debugsource-16.1-150300.4.31.3
* shim-debuginfo-16.1-150300.4.31.3
* SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 x86_64)
* shim-16.1-150300.4.31.3
* shim-debugsource-16.1-150300.4.31.3
* shim-debuginfo-16.1-150300.4.31.3
* SUSE Linux Enterprise Micro 5.4 (aarch64 x86_64)
* shim-16.1-150300.4.31.3
* shim-debugsource-16.1-150300.4.31.3
* shim-debuginfo-16.1-150300.4.31.3
* SUSE Linux Enterprise Micro 5.5 (aarch64 x86_64)
* shim-16.1-150300.4.31.3
* shim-debugsource-16.1-150300.4.31.3
*...
Read the Full Advisory* bsc#1240871
* bsc#1247432
## References:
* https://www.suse.com/security/cve/CVE-2024-2312.html
* https://bugzilla.suse.com/show_bug.cgi?id=1240871
* https://bugzilla.suse.com/show_bug.cgi?id=1247432
Get the latest Linux and open source security news straight to your inbox.