Commit 09995100 authored by Rocky Automation's avatar Rocky Automation 📺
Browse files

import shim-15.4-2.el8_1

parent c1756721
750bd7932437b1fb6610c233f69db1b70d67fab1 SOURCES/shimaa64.efi
96ea5ec6612ad2d49dfa812897fc2f70ebee6b9d SOURCES/shimia32.efi
b7adea991a31e4392910db8b7ee63faff39e9207 SOURCES/shimx64.efi
8ab193ad7addd71e4a820081f36d47e5ef727d28 SOURCES/shimaa64.efi
d3178fb0a2d662e2457e4a5cd13d1224e2aac1c2 SOURCES/shimia32.efi
9fb692b46fc70fd07a9acbbabc8e1c50d0e9a481 SOURCES/shimx64.efi
%global debug_package %{nil}
%global __brp_mangle_shebangs_exclude_from_file %{expand:%{_builddir}/shim-%{efi_arch}-%{version}-%{release}.%{_target_cpu}-shebangs.txt}
%global vendor_token_str %{expand:%%{nil}%%{?vendor_token_name:-t "%{vendor_token_name}"}}
%global vendor_cert_str %{expand:%%{!?vendor_cert_nickname:-c "Rocky Test Certificate"}%%{?vendor_cert_nickname:-c "%%{vendor_cert_nickname}"}}
%global vendor_cert_str %{expand:%%{!?vendor_cert_nickname:-c "Rocky Test Cert - Rocky Enterprise Software Foundation"}%%{?vendor_cert_nickname:-c "%%{vendor_cert_nickname}"}}
%global bootcsvaa64 %{expand:%{SOURCE10}}
%global bootcsvia32 %{expand:%{SOURCE11}}
......@@ -13,9 +13,9 @@
%global shimefix64 %{expand:%{SOURCE22}}
#%%global shimefiarm %%{expand:%%{SOURCE23}
%global shimveraa64 15-6.el8
%global shimveria32 15-9.el8
%global shimverx64 15-9.el8
%global shimveraa64 15-7.el8_1
%global shimveria32 15.4-4.el8_1
%global shimverx64 15.4-4.el8_1
#%%global shimverarm 15-1.el8
%global shimdiraa64 %{_datadir}/shim/%{shimveraa64}/aa64
......@@ -90,7 +90,7 @@ version signed by the UEFI signing service. \
# -i <input>
%define distrosign(b:a:d:) \
cp -av %{-d*}/%{-b*}%{-a*}.efi %{-b*}%{-a*}-unsigned.efi \
%{expand:%%sign -i %{-b*}%{-a*}-unsigned.efi -o %{-b*}%{-a*}-signed.efi -n rockylinuxbootsigningcert101test -a %{SOURCE2} -c %{SOURCE1} }\
%{expand:%%sign -i %{-b*}%{-a*}-unsigned.efi -o %{-b*}%{-a*}-signed.efi -n rockylinuxsecurebootcert101test -a %{SOURCE2} -c %{SOURCE1} }\
%{nil}
# -a <efiarch>
......
Name: shim
Version: 15
Release: 16%{?dist}.rocky
Version: 15.4
Release: 2%{?dist}.rocky
Summary: First-stage UEFI bootloader
License: BSD
URL: https://github.com/rhboot/shim/
......@@ -23,8 +23,8 @@ Source11: BOOTIA32.CSV
Source21: shimia32.efi
Source12: BOOTX64.CSV
Source22: shimx64.efi
Source23: rockylinuxbootsigningcert101test.cer
Source24: rockylinuxbootsigningca101test.cer
Source23: rockylinuxsecurebootcert101test.der
Source24: rockylinuxsecurebootca101test.der
#Source13: BOOTARM.CSV
#Source23: shimarm.efi
......@@ -102,19 +102,36 @@ install -m 0700 %{shimefi} $RPM_BUILD_ROOT%{efi_esp_dir}/shim.efi
%endif
%changelog
* Sat May 01 2021 Sherif Nagy <sherif@disroot.org> - 15-16.rocky
* Tue May 18 2021 Sherif Nagy <sherif@disroot.org> - 15.4-2.rocky
- Updating Rocky testing certs
* Tue May 18 2021 Sherif Nagy <sherif@disroot.org> - 15.4-2.rocky
- Moving to PEM certs for Rocky
* Sat May 01 2021 Sherif Nagy <sherif@disroot.org> - 15-16.rocky
* Tue May 18 2021 Sherif Nagy <sherif@disroot.org> - 15.4-2.rocky
- Remove Centos Certs and added Rocky certs
* Mon Sep 21 2020 Javier Martinez Canillas <javierm@redhat.com> - 15-16
- Fix an incorrect allocation size
Resolves: rhbz#1877253
* Tue Apr 06 2021 Peter Jones <pjones@redhat.com> - 15.4-2
- Fix build-deps on our shim-unsigned-* packages.
Related: CVE-2020-14372 (and others)
* Mon Apr 05 2021 Peter Jones <pjones@redhat.com> - 15.4-1
- Update to shim 15.4
- Support for revocations via the ".sbat" section and SBAT EFI variable
- A new unit test framework and a bunch of unit tests
- No external gnu-efi dependency
- Better CI
Resolves: CVE-2020-14372
Resolves: CVE-2020-25632
Resolves: CVE-2020-25647
Resolves: CVE-2020-27749
Resolves: CVE-2020-27779
Resolves: CVE-2021-20225
Resolves: CVE-2021-20233
* Fri Jul 31 2020 Peter Jones <pjones@redhat.com> - 15-15
- Update once again for new signed shim builds.
Resolves: rhbz#1861977
Resolves: rhbz#1862231
* Tue Jul 28 2020 Peter Jones <pjones@redhat.com> - 15-14
- Get rid of our %%dist hack for now.
......@@ -129,9 +146,7 @@ install -m 0700 %{shimefi} $RPM_BUILD_ROOT%{efi_esp_dir}/shim.efi
* Thu Jun 11 2020 Javier Martinez Canillas <javierm@redhat.com> - 15-12
- Fix firmware update bug in aarch64 caused by shim ignoring arguments
Resolves: rhbz#1830871
- Fix a shim crash when attempting to netboot
Resolves: rhbz#1795654
* Fri Jun 07 2019 Javier Martinez Canillas <javierm@redhat.com> - 15-11
- Update the shim-unsigned-aarch64 version number
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment