| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2024-05-12 | Switch distribution to buster-securitydebian/15.8-1_deb10u1buster/updates | Steve McIntyre | |
| 2024-05-06 | Add salsa-ci | Bastien Roucariès | |
| 2024-05-06 | Release 15.8-1~deb10u1 for buster | Steve McIntyre | |
| 2024-05-06 | check_nx: ignore arm64 binaries | Steve McIntyre | |
| the toolchain is too old | |||
| 2024-05-06 | Tweak arm64 patch | Steve McIntyre | |
| 2024-05-06 | Clean up better after build. Closes: #1046268 | Steve McIntyre | |
| 2024-05-06 | Install a copy of the Debian CA certificate into /usr/share/shim. | Steve McIntyre | |
| Closes: #1069054 | |||
| 2024-05-06 | Force usage of newest revocations at build time | Steve McIntyre | |
| Force shim to use the latest revocations by default to block some older grub / peimage issues. This is: "shim,4\ngrub,4\ngrub.peimage,2\n" This should work with the current released grub builds in all of buster, bullseye, bookwork and trixie/unstable. Let's not leave known security holes in the wild. | |||
| 2024-05-06 | Cherry-pick latest grub revocation patches from upstream shim | Steve McIntyre | |
| 0001-sbat-Add-grub.peimage-2-to-latest-CVE-2024-2312.patch 0002-sbat-Also-bump-latest-for-grub-4-and-to-todays-date.patch | |||
| 2024-05-06 | Log if the build is nx-compatible or not | Steve McIntyre | |
| Add a new simple script to do this: check_nx | |||
| 2024-05-06 | Switch to 15.8 upstream and drop old patches | Steve McIntyre | |
| 2024-05-06 | Remove artifacts imported by mistake | Steve McIntyre | |
| 2024-05-06 | Merge tag 'upstream/15.8' into buster/updates | Bastien Roucariès | |
| Upstream version 15.8 | |||
| 2024-02-17 | New upstream version 15.8upstream/15.8upstream | Steve McIntyre | |
| 2023-01-31 | Retarget to buster-securitydebian/15.7-1_deb10u1 | Steve McIntyre | |
| 2023-01-31 | Release 15.7-1~deb10u1 | Steve McIntyre | |
| 2023-01-31 | Block Debian grub binaries with sbat < 4 (see #1024617) | Steve McIntyre | |
| 2023-01-31 | Enable NX support at build time | Steve McIntyre | |
| As required by policy for signing new shim binaries. | |||
| 2023-01-31 | Import upstream patch to deal with buggy binutils | Steve McIntyre | |
| 2023-01-31 | Port 15.7-1 back to buster too | Steve McIntyre | |
| Fold in our other changes, and test | |||
| 2023-01-31 | Merge branch 'upstream' into buster/updates | Steve McIntyre | |
| 2023-01-22 | New upstream version 15.7upstream/15.7 | Steve McIntyre | |
| 2022-07-28 | Release 15.6-1~deb10u1debian/15.6-1_deb10u1 | Steve McIntyre | |
| 2022-07-26 | Add new patches reverting arm64 build system changes | Steve McIntyre | |
| so we can build using older binutils | |||
| 2022-07-24 | Port 15.6-1 back to buster too | Steve McIntyre | |
| Fold in our other changes, and test | |||
| 2022-07-24 | Merge branch 'upstream' into buster/updates | Steve McIntyre | |
| 2022-06-23 | New upstream version 15.6upstream/15.6 | Steve McIntyre | |
| 2022-04-27 | New upstream version 15.5upstream/15.5 | Steve McIntyre | |
| 2021-07-12 | Tweak how we call grub-install; don't abort on errordebian/15.4-7_deb10u1 | Steve McIntyre | |
| Not ideal behaviour either, but don't break upgrades. Copy the behaviour from the grub packages here. Closes: #990966 | |||
| 2021-06-23 | Release 15.4-6~deb10u1debian/15.4-6_deb10u1 | Steve McIntyre | |
| 2021-06-22 | In insecure mode, don't abort if we can't create the MokListXRT var | Steve McIntyre | |
| Upstream issue #372. Closes: #989962, #990158 | |||
| 2021-06-22 | Add arm64 patch to tweak section layout and stop crashing problems | Steve McIntyre | |
| Upstream issue #371. Closes: #990082 | |||
| 2021-05-08 | Add defensive code around calls to db_getdebian/15.4-5_deb10u1 | Steve McIntyre | |
| Don't fail if they return errors. | |||
| 2021-05-08 | Fix up the template maintainer scripts | Steve McIntyre | |
| if we're not running on an EFI system then exit cleanly | |||
| 2021-05-03 | Add maintainer scripts to the template packagesdebian/15.4-3_deb10u1 | Steve McIntyre | |
| Manage installing and removing fbXXX.efi and mmXXX.efi when we install/remove the shim-helpers-$arch-signed packages. Closes: #966845 | |||
| 2021-04-21 | Use a better version number for the buster builddebian/15.4-2_deb10u1 | Steve McIntyre | |
| 2021-04-21 | Add changelog for 15.4-1_deb10u2 with new patches | Steve McIntyre | |
| 2021-04-21 | Don't call QueryVariableInfo() on EFI 1.10 machines | Steve McIntyre | |
| New patch from upstream, don't break old Macs | |||
| 2021-04-21 | Fix handling of ignore_db and user_insecure_mode | Steve McIntyre | |
| Extra patch from upstream | |||
| 2021-04-17 | Stop hardcoding the release version in the rules filedebian/15.4-1_deb10u1 | Steve McIntyre | |
| We can grab it from the changelog already | |||
| 2021-04-17 | Clean more things | Steve McIntyre | |
| 2021-04-17 | Prep for releasing based on 15.4 | Steve McIntyre | |
| 2021-04-14 | allocate MOK config table as BootServicesData | Steve McIntyre | |
| Another patch from upstream, needed with newer kernels on x86 | |||
| 2021-03-31 | Add one more patch from upstream to fix i386 binary relocations | Steve McIntyre | |
| 2021-03-31 | Print sha256 checksums of the EFI binaries when the build is done | Steve McIntyre | |
| 2021-03-31 | Update to the 15.4 release | Steve McIntyre | |
| 2021-03-31 | Merge tag 'upstream/15.4' into buster/updates | Steve McIntyre | |
| Upstream version 15.4 | |||
| 2021-03-31 | New upstream version 15.4upstream/15.4 | Steve McIntyre | |
| 2021-03-24 | Tweak the SBAT data to keep reproducibilitydebian/15.3-1_deb10u3 | Steve McIntyre | |
| Only include the upstream version in the Debian SBAT metadata, so we don't break reproducibility on every minor packaging change. | |||
| 2021-03-24 | Add missing build-dep on xxd for build-time unit testsdebian/15.3-1_deb10u2 | Steve McIntyre | |
 |
index : efi-boot-shim.git | |
| (mirror of https://github.com/vyos/efi-boot-shim.git) |
| summaryrefslogtreecommitdiff |