Debian alert DLA-3813-1 (shim)
| From: | rouca@debian.org | |
| To: | <debian-lts-announce@lists.debian.org> | |
| Subject: | [SECURITY] [DLA 3813-1] shim security update | |
| Date: | Tue, 14 May 2024 09:57:15 +0000 | |
| Message-ID: | <2e64e5c208a6ffe33bdfc96ff8aa74ea.rouca@debian.org> |
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3813-1 debian-lts@lists.debian.org https://www.debian.org/lts/security/ Bastien Roucariès May 13, 2024 https://wiki.debian.org/LTS - ------------------------------------------------------------------------- Package : shim Version : 15.8-1~deb10u1 CVE ID : CVE-2023-40546 CVE-2023-40547 CVE-2023-40548 CVE-2023-40549 CVE-2023-40550 CVE-2023-40551 Debian Bug : 1046268 1069054 This release fixes various issues in shim bootloader and updates it to a supported version. Older versions of the shim may eventually be blocked by Secure Boot, so it is strongly advised for Secure Boot enabled systems to upgrade to this newer version to keep the system bootable. For Debian 10 buster, this problem has been fixed in version 15.8-1~deb10u1. We recommend that you upgrade your shim packages. For the detailed security status of shim please refer to its security tracker page at: https://security-tracker.debian.org/tracker/shim Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEXQGHuUCiRbrXsPVqADoaLapBCF8FAmZDNWsACgkQADoaLapB CF/8lBAAmJ21KC1L5aaliTpiyF5Bij3Cj8Bo+7q9I9YtWuQ5wsv6j35NcKV+t/Uc pILXg0srwvzLEtC9EIdy1t2I+0d7/plUOlis+N1ITYobmTvv1YY5e8rwpnrmowzO KrdB44Bqox0jP1CYDuCNGYt/aNYRAwOkM2lHwWSnBCE8/n5wfbvvTHPPv65d4Gxs golf+xIjFGgHYBSk5WterjcMbirwbGtjuMAgCVkOfXkkMcoiI9EbfXIUzaR9Nobd CAKOc16uRJCS6jzYBu9JVMPawMo0rKllx4LJc4REdUzzzrKrq3u9iwK9lM0H3NB6 0zjp6KAzJrKxZ6yxkSX/NDsGoy1V/xVUMLCwi2TjgVWpmrVPcOccL2lVg7MLTaP3 z/06G8JFDrT+BTh+zT8uyg3XBRv44aRIw2Wv6xs1Ilgwl22oen+wP83ANB6EngLS VyVhYWi/PadOF3cBJx5APpZDZScTxyVfqy2IhYi7d/Vp1I4x1OekSVqwgHfD+gwG 83YuW/btOMYK0Jg3jalGkk5bQ6uqYCpz11liWregpVkD2igONNv1o5Y3aYgrUqPp 9JSHPnl9aYJb1fDCzG6VpNCWML6aJU+8ugvcUQqfnncsWRtVrlT+kEylpQUOeK1o lxIe8XeAxv6/AD0Eh0daE95qBHOqF140G+EE8jE+UH5Rc6zt7N4= =9xvL -----END PGP SIGNATURE-----