* debian/patches/shim_secureboot_support.patch:
- Move to signing just after module build to ensure it correctly applies
at kernel update times. (LP: #1772950)
- Generate a new MOK if there isn't one yet, and use that so sign
newly-built kernel modules. (LP: #1748983)
* debian/control: Breaks: shim-signed (<< 1.33.1~14.04.4) to ensure both
are updated in lock-step since the changes above require a new version of
update-secureboot-policy to correctly generate the new MOK and enroll it
in firmware.
This bug was fixed in the package dkms - 2.2.0.3- 1.1ubuntu5. 14.04.10
--------------- 3-1.1ubuntu5. 14.04.10) trusty; urgency=medium
dkms (2.2.0.
* debian/ patches/ shim_secureboot _support. patch: secureboot- policy to correctly generate the new MOK and enroll it
- Move to signing just after module build to ensure it correctly applies
at kernel update times. (LP: #1772950)
- Generate a new MOK if there isn't one yet, and use that so sign
newly-built kernel modules. (LP: #1748983)
* debian/control: Breaks: shim-signed (<< 1.33.1~14.04.4) to ensure both
are updated in lock-step since the changes above require a new version of
update-
in firmware.
-- Mathieu Trudel-Lapierre <email address hidden> Mon, 28 Jan 2019 11:05:49 -0500