-
shim (15.4-0ubuntu7) hirsute; urgency=medium
* Fix load option parsing, and thus fwupd execution (LP: #1929471) (PR #379)
* Fix occasional crashes in _relocate() on arm64 (LP: #1928010) (PR #383)
* Fix accidental deletion of RT variables (LP: #1934506) (PR #387)
* mok: relax the maximum variable size check (LP: #1934780) (PR #369)
-- Julian Andres Klode <email address hidden> Wed, 07 Jul 2021 10:57:35 +0200
-
shim (15.4-0ubuntu5) hirsute; urgency=medium
* Rebuild in hirsute to get a more stable target to keep shim reproducible
for a longer time.
shim (15.4-0ubuntu3) impish; urgency=medium
[ Steve Langasek ]
* Use -Zxz compression, for compatibility with dpkg in older releases.
LP: #1925673
[ Julian Andres Klode ]
* Stop addending vendor dbx to MokListXRT during MokListX mirroring. This
is causing systems to run out of EFI storage space, or just hang up
when trying to write it (LP: #1924605) (LP: #1928434)
* Further relax the check for variable mirroring on non-secureboot systems
avoiding boot failures on out of space conditons (pull request #372)
[ Seth Forshee ]
* Don't unhook ExitBootServices() when EBS protection is disabled (LP: #1931136)
(pull request #378)
-- Julian Andres Klode <email address hidden> Wed, 16 Jun 2021 12:52:45 +0200
-
shim (15.4-0ubuntu2) hirsute; urgency=medium
[ Balint Reczey ]
* Fix boot on EFI 1.10 machines, for example on some MacBooks (LP: #1925010)
[ Dimitri John Ledkov ]
* Fix kernel warning when allocating MOK table (LP: #1925139)
* Fix booting with shim SBState disabled (LP: #1925140)
-- Dimitri John Ledkov <email address hidden> Tue, 20 Apr 2021 15:24:29 +0100
-
shim (15+1552672080.a4a1fbe-0ubuntu2) focal; urgency=medium
* d/patches/fix-path-checks.patch: Cherry-pick upstream fix for regression
in loading fwupd, or anything else specified as an argument (LP: #1864223)
-- Julian Andres Klode <email address hidden> Fri, 20 Mar 2020 16:19:14 +0100
-
shim (15+1533136590.3beb971-0ubuntu1) cosmic; urgency=medium
[ Steve Langasek ]
* Fix Vcs link.
[ dann frazier ]
* Enable arm64 build.
[ Mathieu Trudel-Lapierre ]
* New upstream snapshot.
* debian/patches/abort_abort_abort.patch: dropped patch, included upstream.
* debian/rules:
- define RELEASE and COMMIT_ID for the snapshot.
- Set ENABLE_HTTPBOOT to enable the HTTP Boot feature.
* debian/patches/fixup_git.patch: don't run git in clean; we're not really
in a git tree.
-- Mathieu Trudel-Lapierre <email address hidden> Wed, 22 Aug 2018 10:52:10 -0400
-
shim (13-0ubuntu2) bionic; urgency=medium
* debian/patches/abort_abort_abort.patch: signtool.exe isn't happy with some
of the structure of our binary, partly because abort() is thought to be an
external symbol, which causes some relocalisations to appear.
-- Mathieu Trudel-Lapierre <email address hidden> Tue, 07 Nov 2017 10:19:04 -0500
-
shim (0.9+1474479173.6c180c6-1ubuntu1) zesty; urgency=medium
[ Steve Langasek ]
* Merge (not yet NEW cleared) changes from Debian branch.
[ Mathieu Trudel-Lapierre ]
* debian/patches/0001-shim-fix-the-mirroring-MokSBState-fail.patch: guard
against errors in mirroring MokSBState to MokSBStateRT. Thanks to Ivan Hu
for the patch. This will fix issues updating MokSBStateRT if the variable
already exists with different attributes. (LP: #1644806)
-- Mathieu Trudel-Lapierre <email address hidden> Thu, 01 Dec 2016 16:55:50 -0500
-
shim (0.9+1474479173.6c180c6-0ubuntu1) yakkety; urgency=medium
[ Helen Koike ]
* debian/copyright: add OpenSSL license
[ Mathieu Trudel-Lapierre ]
* New upstream release. (LP: #1624096)
* debian/copyright: patches should be BSD, like the rest of the upstream
code.
* debian/patches/unused-variable: dropped; applied upstream.
* debian/patches/binutils-version-matching: dropped, fixed upstream.
* debian/shim.install: built EFI binaries were renamed; update our install
file to properly pick up shim (shim$arch), MokManager (mm$arch), and
fallback (fb$arch).
-- Mathieu Trudel-Lapierre <email address hidden> Thu, 22 Sep 2016 15:02:20 -0400
-
shim (0.8-0ubuntu2) wily; urgency=medium
* No-change rebuild against gnu-efi 3.0v-5ubuntu1.
shim (0.8-0ubuntu1) wily; urgency=medium
* New upstream release.
- Clarify meaning of insecure_mode. (LP: #1384973)
* debian/patches/CVE-2014-3675.patch, debian/patches/CVE-2014-3677.patch,
debian/patches/0001-Update-openssl-to-0.9.8za.patch: dropped, included
in the upstream release.
* debian/patches/sbsigntool-not-pesign,debian/patches/second-stage-path:
refreshed.
-- Steve Langasek <email address hidden> Tue, 12 May 2015 17:48:30 +0000
