Get:1 http://changelogs.ubuntu.com shim-signed 1.19~16.04.1 Changelog [6259 B] shim-signed (1.19~16.04.1) xenial; urgency=medium * update-secureboot-policy: - Add a --help option, document other options. (LP: #1604936) - Rework prompting to display our Secure Boot warning and explanation text more prominently, rather than forcing graphical users to hit "Help" to see the full explanation for why we ask about disabling Secure Boot. (LP: #1595611) -- Mathieu Trudel-Lapierre Tue, 02 Aug 2016 15:24:24 -0400 shim-signed (1.18~16.04.1) xenial; urgency=medium * update-secureboot-policy: If /proc/sys/kernel/moksbstate_disabled is present, prefer this unconditionally over MokSBStateRT. LP: #1604873. -- Steve Langasek Wed, 20 Jul 2016 12:09:58 -0700 shim-signed (1.17~16.04.1) xenial; urgency=medium * Backport shim-signed 1.17 to 16.04. (LP: #1574727) -- Mathieu Trudel-Lapierre Thu, 07 Jul 2016 20:17:24 -0400 shim-signed (1.17) yakkety; urgency=medium * update-secureboot-policy: rework setting capabilities to stop having the backup capability while showing an error message; which won't affect the Dialog debconf frontend but otherwise made the GTK frontend confusing. * update-secureboot-policy: all debconf prompts should be at priority critical: there is no good default to pick, we must prompt the user. * debian/templates: make the password inputs be standard inputs; this is an unfortunate workaround to aptdaemon not having access to the debconf password database on desktop; since the frontend runs as an unprivileged user. See bug LP#1599981 (LP: #1599051) -- Mathieu Trudel-Lapierre Thu, 07 Jul 2016 16:58:45 -0400 shim-signed (1.16) yakkety; urgency=medium * debian/shim-signed.postinst: call for the trigger on update of shim-signed. -- Mathieu Trudel-Lapierre Tue, 28 Jun 2016 17:34:23 -0400 shim-signed (1.15) yakkety; urgency=medium * update-secureboot-policy: validate the state of MokSBStateRT against what the kernel believes it to be via /proc/sys/kernel/moksbstate_disabled, in case we have the kernel which knows about shim's validation policy but an old shim that doesn't export MokSBStateRT. -- Mathieu Trudel-Lapierre Fri, 17 Jun 2016 16:47:40 +0300 shim-signed (1.14) yakkety; urgency=medium * update-secureboot-policy: - Make it easier for users to really re-enable Secure Boot via an --enable option. - Don't prompt for action if there are no DKMS packages installed, as per checking if there are any subdirectories in /var/lib/dkms. -- Mathieu Trudel-Lapierre Tue, 07 Jun 2016 16:09:53 -0400 shim-signed (1.13) yakkety; urgency=medium * update-secureboot-policy: have a trigger-ready script available to deal with the necessity to change Secure Boot policy on a system. * debian/shim-signed.templates: ship the necessary templates for secureboot. * debian/shim-signed.postinst: Run our trigger script to update Secure Boot policy when necessary at the end of installs, without calling dpkg-trigger again. -- Mathieu Trudel-Lapierre Mon, 16 May 2016 15:29:27 -0400 shim-signed (1.12) xenial; urgency=medium * debian/control: add Depends on mokutil, to ship a way for users to control shim features, such as enrolling new keys. -- Mathieu Trudel-Lapierre Wed, 16 Dec 2015 10:19:23 -0500 shim-signed (1.11) wily; urgency=medium * Add in an apport package hook for shim-signed and shim. (LP: #1490030) -- Brian Murray Fri, 11 Sep 2015 15:04:31 -0700 shim-signed (1.10) wily; urgency=medium * Add a versioned dependency on grub2-common, so that partial upgrades from Ubuntu 12.04 don't break due to a lack of --target option to grub-install. LP: #1474203. -- Steve Langasek Tue, 14 Jul 2015 10:46:41 -0700 shim-signed (1.9) wily; urgency=medium * Update to the signed 0.8-0ubuntu2 binary from Microsoft. -- Steve Langasek Sun, 07 Jun 2015 19:27:35 +0000 shim-signed (1.8) utopic; urgency=medium * Update to the signed 0.7-0ubuntu4 binary from Microsoft. -- Steve Langasek Tue, 21 Oct 2014 18:23:15 -0400 shim-signed (1.6) trusty; urgency=low * Also add a build-dependency on grub2-common, to ensure that our grub-install is the correct one - since grub-efi-amd64-bin is coinstallable with grub1. LP: #1259558. -- Steve Langasek Tue, 10 Dec 2013 09:10:23 -0800 shim-signed (1.5) trusty; urgency=low * Pass --target=x86_64-efi to grub-install from the postinst and depend on grub-efi-amd64-bin, so that package upgrades will do the right thing even if the system has been rebooted under BIOS. LP: #1246910. * Kubuntu sets GRUB_DISTRIBUTOR to a different value which doesn't match the path under /boot/efi; fix this up so shim-signed upgrades properly on Kubuntu systems. LP: #1242417. -- Steve Langasek Thu, 31 Oct 2013 17:06:21 -0700 shim-signed (1.4) trusty; urgency=low * Add a dependency on shim, so that we can pull in MokManager for use. * Update to the signed 0.4-0ubuntu4 binary from Microsoft. -- Steve Langasek Wed, 30 Oct 2013 15:04:23 -0700 shim-signed (1.3) saucy; urgency=low * Build-depend on sbsigntool (>= 0.6-0ubuntu4) and check the integrity of our signed binary at build time. * Update to the signed 0.4-0ubuntu3 binary from Microsoft. -- Steve Langasek Sat, 07 Sep 2013 22:09:22 +0000 shim-signed (1.2) raring; urgency=low * Recommend secureboot-db (LP: #1087843). -- Colin Watson Sat, 16 Feb 2013 00:02:00 +0000 shim-signed (1.1) quantal-proposed; urgency=low * Rev shim-signed for updated shim. -- Steve Langasek Fri, 12 Oct 2012 01:42:07 +0000 shim-signed (1.0) quantal; urgency=low * Initial release, based on grub2-signed package. -- Steve Langasek Tue, 09 Oct 2012 15:48:37 -0700 Fetched 6259 B in 0s (57.9 kB/s)