** Tags removed: verification-done-jammy -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/2002812
Title: Revoke & rotate to new signing key Status in linux package in Ubuntu: Fix Released Status in linux source package in Bionic: Fix Released Status in linux source package in Focal: Fix Released Status in linux source package in Jammy: Fix Released Status in linux source package in Kinetic: Fix Released Bug description: [ Impact ] * Revoke & rotate to new signing key * Update revocations, which match the next Ubuntu shim 15.7 revocations. Specifically - revoke certs that were previously protected with by-hash revocations, revoke lost/unused certificates. * Start using advantage2021v1 and ubuntu2022v1 signing keys. * This is a routine key rotation. [ Test Plan ] * Check that old shim/grub boot this kernel * Check that the upcomming future shim/grub can boot this kernel * Check that these kernels can do signed kexec into itself [ Where problems could occur ] * Kernels with this patch applied should be signed using ubuntu/4 pro/3 core/2 signing streams. [ Other Info ] * TPM PCR values and measurements will change when changing the signing key To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/2002812/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
