Am 29.07.20 um 20:07 schrieb Marcus Meissner:
Hi folks,
Researchers from Eclypsium just published a new vulnerability in grub2 called "BootHole".
We put a highlevel view in a blog: https://www.suse.com/c/suse-addresses-grub2-secure-boot-issue/
and our TID: https://www.suse.com/support/kb/doc/?id=000019673
Unfortunately, neither document gives the complete key id so we can know what SUSE keys precisely are to be changed. If I understand correctly "openSUSE Secure Boot CA" with sha1 fingerprint 46:59:83:8c:82:03:fe:15:52:ad:19:e1:86:09:db:21:7e:3a:d2:4f will stay unchanged? Is the new key available for download somewhere? I have my own set of PK/KEK and import such keys usually manually. Thanks -- To unsubscribe, e-mail: opensuse-security+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-security+owner@opensuse.org