Mailinglist Archive: opensuse-security (3 mails)

< Previous Next >
Re: [opensuse-security] Re: [security-announce] Heads up: "BootHole" security issue
On Thu, Jul 30, 2020 at 02:46:35PM +0200, mailinglisten@xxxxxxxxx wrote:
Am 29.07.20 um 20:07 schrieb Marcus Meissner:
Hi folks,

Researchers from Eclypsium just published a new vulnerability in grub2

We put a highlevel view in a blog:

and our TID:

Unfortunately, neither document gives the complete key id so we can know
what SUSE keys precisely are to be changed.

If I understand correctly

"openSUSE Secure Boot CA"
with sha1 fingerprint

will stay unchanged?

Yes, the openSUSE Secure Boot CA will stay unchanged.

Is the new key available for download somewhere?
I have my own set of PK/KEK and import such keys usually manually.

We still need to generate the new key, we need to wait until the fixed grub2
has been checked into openSUSE:Factory first to avoid having it signed by the
new key.

I will send it as reply as soon as its available.

Ciao, Marcus
To unsubscribe, e-mail: opensuse-security+unsubscribe@xxxxxxxxxxxx
To contact the owner, e-mail: opensuse-security+owner@xxxxxxxxxxxx

< Previous Next >
List Navigation