Control: severity -1 important Hi Eric,
On Fri, Nov 18, 2022 at 07:24:32PM +0100, Eric Valette wrote: >Package: grub-efi-amd64-bin >Version: 1+2.06+5 >Severity: grave >Tags: security >Justification: user security hole >X-Debbugs-Cc: Debian Security Team <t...@security.debian.org> > >After upgrade to 2.06-5, I get an error message "prohibited by secure boot >policy" and it boot >with a strange look with \xe7caracaters instead of lines. Right. Those are both part of the security fixes that went into the latest grub upload. It's trying to load fonts from /usr, but that's now blocked when doing Secure Boot. It's basically cosmetic, but obviously we don't want to leave it like this. We're talking upstream about the best way to fix this up now. >I build my own kernel and enrolled my owns keys, sign the linux >kernel binarry and the mdoules with the keys. Everythong was working >fine with 2.06-3. > >I also noticed that my enrolled keys is no more listed via "mokutil >--list-enrolled". Although no key were cleared. OK. I believe that is more likely an unrelated issue. -- Steve McIntyre, Cambridge, UK. st...@einval.com "C++ ate my sanity" -- Jon Rabone
