On Fri, Jan 16, 2015 at 10:02:08AM -0500, Greg Freemyer wrote:

That's a big deal.

No, it's not, the overwhelming majority of users are not affected.

Can you explain how to use bootctl for those of us that aren't familiar with it.?

Of course.

I have a VM in the cloud running 13.1. No idea if it is a secure config. Using bootctl I get:

It is not. When you run bootctl there are three relevant scenarios: 1, You see "Secure Boot: enabled" in the output. Then you're using a secure boot configuration and are affected. You should update shim and prepare in advance so that you can confirm the dialog. 2, You see "Secure Boot: disabled" but you also see something like Selected Firmware Entry: Title: opensuse-secureboot Partition: /dev/disk/by-partuuid/dddddddd-cccc-bbbb-aaaa-ffffffffffff File: └─/EFI/opensuse/shim.efi Then you're not using secure boot but shim is used on your system nonetheless. You can either update shim and prepare in advance so that you can confirm the dialog or you switch to booting grub directly since you're not using secure boot anyway. 3, You see "Secure Boot: disabled" and don't have "shim" in the next few lines. It should like this Selected Firmware Entry: Title: grub Partition: /dev/disk/by-partuuid/dddddddd-cccc-bbbb-aaaa-ffffffffffff File: └─/EFI/opensuse/grub.efi you're not affected. You can update shim and won't notice the difference. This will be the case for the vast majority of users. Best regards, Johannes -- GPG Key E7C81FA0 EE16 6BCE AD56 E034 BFB3 3ADD 7BF7 29D5 E7C8 1FA0 Subkey fingerprint: 250F 43F5 F7CE 6F1E 9C59 4F95 BC27 DD9D 2CC4 FD66 SUSE LINUX GmbH Maxfeldstraße 5 90409 Nürnberg, Germany GF: Felix Imendörffer, Jane Smithard, Jennifer Guild, Dilip Upmanyu, Graham Norton, HRB 21284 (AG Nürnberg)