Bug#906124: grub-efi-amd64: Also in grub-efi-amd64
Vladislav Yarmak
vladislav at vm-0.com
Sat Oct 3 19:09:23 BST 2020
On Sat, 26 Sep 2020 22:33:42 +0000 Victorien Berlot
<victorien at berlot.ch> wrote:
> Hello,
>
> Has this bug been fixed ?
Nope, but this bug was ported to Centos 8 and probably other distros.
TBH, looks like widespread bootchain sabotage to me.
BTW, NSA released technical report about secureboot recently:
https://media.defense.gov/2020/Sep/15/2002497594/-1/-1/0/CTR-UEFI-SECURE-BOOT-CUSTOMIZATION-20200915.PDF/CTR-UEFI-SECURE-BOOT-CUSTOMIZATION-20200915.PDF
Interesting fact, they skip initramdrive verification as well, and
modern distros make it's verification next to impossible.
--
Best Regards,
Vladislav Yarmak
More information about the Pkg-grub-devel
mailing list