From 6e06d189e666db6ad6b9cbaea80b866ebf99c2cc Mon Sep 17 00:00:00 2001 From: Peter Jones Date: Jun 15 2022 15:42:35 +0000 Subject: Update to shim-15.6 Resolves: CVE-2022-28737 Signed-off-by: Peter Jones --- diff --git a/shim.rpmmacros b/shim.rpmmacros index 9d1d8b5..3da0cd3 100644 --- a/shim.rpmmacros +++ b/shim.rpmmacros @@ -16,10 +16,10 @@ %global shimefiia32 %{expand:%{SOURCE21}} %global shimefix64 %{expand:%{SOURCE22}} -%global shimveraa64 15.4-1.fc34 +%global shimveraa64 15.6-1 %global shimverarm 15.4-1.fc34 -%global shimveria32 15.4-5.fc33 -%global shimverx64 15.4-5.fc33 +%global shimveria32 15.6-1 +%global shimverx64 15.6-1 %global shimdiraa64 %{_datadir}/shim/%{shimveraa64}/aa64 %global shimdirarm %{_datadir}/shim/%{shimverarm}/arm @@ -153,7 +153,7 @@ install -m 0700 fb%{-a*}.efi \\\ %ifarch x86_64 %global is_signed yes -%global is_alt_signed yes +%global is_alt_signed no %global provide_legacy_shim 1 %endif %ifarch aarch64 diff --git a/shim.spec b/shim.spec index 29e4153..fcdd5f0 100644 --- a/shim.spec +++ b/shim.spec @@ -4,8 +4,8 @@ %global dist %{expand:%%{_dist}} Name: shim -Version: 15.4 -Release: 5%{?dist} +Version: 15.6 +Release: 1~1%{?dist} Summary: First-stage UEFI bootloader License: BSD URL: https://github.com/rhboot/shim/ @@ -29,8 +29,8 @@ Source11: BOOTIA32.CSV Source21: shimia32.efi Source12: BOOTX64.CSV Source22: shimx64.efi -Source13: BOOTARM.CSV -Source23: shimarm.efi +#Source13: BOOTARM.CSV +#Source23: shimarm.efi %include %{SOURCE0} @@ -46,7 +46,7 @@ BuildRequires: %{unsignedia32} = %{shimveria32} %endif %ifarch aarch64 BuildRequires: %{unsignedaa64} = %{shimveraa64} -BuildRequires: %{unsignedarm} = %{shimverarm} +#BuildRequires: %% {unsignedarm} = %% {shimverarm} %endif %description @@ -107,6 +107,10 @@ install -m 0644 %{SOURCE1} $RPM_BUILD_ROOT%{_sysconfdir}/dnf/protected.d/ %endif %changelog +* Wed Jun 15 2022 Peter Jones - 15.6-1~1 +- Update to shim-15.6 + Resolves: CVE-2022-28737 + * Wed May 05 2021 Javier Martinez Canillas - 15.4-5 - Bump release to build for F35 diff --git a/sources b/sources index 912acb0..d610d01 100644 --- a/sources +++ b/sources @@ -1,4 +1,3 @@ -SHA512 (shimx64.efi) = 7ceea9899f41ccd6a2d792af064ba3e7c52c575a951730b4bcd220b4e288857912c5600d977317f2bd444b66871bf78975041fa4db183f99df349c8981e3c8c9 -SHA512 (shimia32.efi) = dbbc66538e192eeed6e0306a1384f2508a4dc4572213ed7ad3f03db58d7f48b314e1f6dcc6396735fe24e624a84e9151d720f2085404c60d075bbe982240de4a -SHA512 (shimaa64.efi) = 8888af983c5b5293db092aac1b6339d775fef79c28054c25a1e8e3fe4f2b28b31b672fcc07d29e4dbfdcdfc2493103c6c5a1a9d50cb4d4539d66ce7395b33913 -SHA512 (shimarm.efi) = c5ccb61fd3e0ea80076795052e069c4645e7a17dc28360cd0f914ad200fce73434135acf36d905594fd0993fa41e6ee80ecebda546a6a1a5ad3372e75cb1635b +SHA512 (shimx64.efi) = 06488f3f5daf09b3e37e160721e9bf4c68a3ea17dcd19fad7dd1d7edbcf4c218a5b6264e7780bef46e400213459c1a8c9a0c4c1c48f7fe5d7b55b868dbdc3823 +SHA512 (shimia32.efi) = 8241bed8c3e2789741da15e265efb6a1d35d02c4ffbfd21428910c9e366575137a3d9d0c73aa10e62d59d81a98496668a05c5ac7f18a677ccb54e884db48f507 +SHA512 (shimaa64.efi) = 0cde143119bd59883cd0092532334accbdcea79537f1ebb5cd042051320c5345e775c8c230c025c2f390717c889142fc29188c88db7486818fb29c51d1678991