summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2025-03-24Merge branch 'mr/fix-d-watch-for-RC' into 'master'masterSteve McIntyre
d/watch: mangle RC versions See merge request efi-team/shim!18
2025-03-24d/watch: mangle RC versionsFabian Grünbichler
else 16.0.rc1 gets sorted higher than the final 16.0 release tarball. Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
2025-03-05Remove Steve Langasek from Uploaders. RIP my good friend.Steve McIntyre
2025-01-08Also make the rules-requires-root changes in the templatesSteve McIntyre
for our generated packages. Closes: #1092425
2025-01-04Update changelogSteve McIntyre
2025-01-04Merge branch 'bug-1089432-rootless' into 'master'Steve McIntyre
shim: Build without requiring root See merge request efi-team/shim!17
2024-12-28shim: Build without requiring rootNiels Thykier
Closes: #1089432
2024-05-26Merge branch 'remove-ubuntu-files' into 'master'Steve McIntyre
Remove Ubuntu CA and dbx files from the repository See merge request efi-team/shim!16
2024-05-26Remove Ubuntu CA and dbx files from the repositoryMate Kukri
2024-05-05salsa-ci config: Disable i386 builds and arm64 cross-buildsSteve McIntyre
2024-05-04Release 15.8-1debian/15.8-1Steve McIntyre
2024-05-04Clean up better after build. Closes: #1046268Steve McIntyre
2024-05-04Remove artifacts imported by mistakeSteve McIntyre
2024-05-04Install a copy of the Debian CA certificate into /usr/share/shim.Steve McIntyre
Closes: #1069054
2024-05-04Tag bugfixesSteve McIntyre
2024-05-03Force usage of newest revocations at build timeSteve McIntyre
Force shim to use the latest revocations by default to block some older grub / peimage issues. This is: "shim,4\ngrub,4\ngrub.peimage,2\n" This should work with the current released grub builds in all of buster, bullseye, bookwork and trixie/unstable. Let's not leave known security holes in the wild.
2024-05-03Cherry-pick latest grub revocation patches from upstream shimSteve McIntyre
0001-sbat-Add-grub.peimage-2-to-latest-CVE-2024-2312.patch 0002-sbat-Also-bump-latest-for-grub-4-and-to-todays-date.patch
2024-05-03Log if the build is nx-compatible or notSteve McIntyre
Add a new simple script to do this: check_nx
2024-05-03Stop building shim for i386Steve McIntyre
Debian kernels are no longer signed for i386, it's time to stop supporting i386 SB.
2024-05-03Switch to 15.8 upstream and drop patchesSteve McIntyre
2024-05-03New upstream version 15.8Steve McIntyre
2024-05-02Tweak the UUID handling to be clearerSteve McIntyre
2024-05-02Add salsa-ci.ymlBastien Roucariès
2024-04-29Merge branch 'fixes20240429' into 'master'Steve McIntyre
Apply multi-arch hints. + shim-unsigned: Add Multi-Arch: same. See merge request efi-team/shim!15
2024-04-29Add changelog entryBastien Roucariès
2024-04-29Add verification of upstream releaseBastien Roucariès
2024-04-29Fix d/watchBastien Roucariès
2024-04-29Closes: #936009Bastien Roucariès
2024-04-29Apply multi-arch hints. + shim-unsigned: Add Multi-Arch: same.Debian Janitor
Changes-By: apply-multiarch-hints
2024-04-17Merge branch 'tests' into 'master'Steve McIntyre
Tests See merge request efi-team/shim!14
2024-04-16Add machine smm=onBastien Roucariès
2024-04-15Fix test failureBastien Roucariès
2024-04-15Fix depreciation warningsBastien Roucariès
2024-04-15Use popen for lsb_releaseBastien Roucariès
2024-04-15Fix dependsBastien Roucariès
2024-04-15Update changelogBastien Roucariès
2024-04-15Port to debianBastien Roucariès
2024-04-15Add ubuntu testBastien Roucariès
2024-01-20generate_dbx_list: pick a fixed UUIDSteve McIntyre
otherwise our build won't be reproducible, doh!
2023-11-02Tweak building with pesign changesSteve McIntyre
We used to use efisiglist to generate the DBX list. Newer versions of the pesign package don't include it any more, and the recommended replacement tool is now efisecdb from efivar. Tweak the generate_dbx_list script to work with both old and new. Let's make backports easy...
2023-01-31Release 15.7-1debian/15.7-1Steve McIntyre
2023-01-30Swith to using the upstream "enable NX" patchSteve McIntyre
2023-01-29Block Debian grub binaries with sbat < 4 (see #1024617)Steve McIntyre
2023-01-24Enable NX support at build timeSteve McIntyre
As required by policy for signing new shim binaries.
2023-01-22Update upstream commit hash in buildSteve McIntyre
We're using 657b2483ca6e9fcf2ad8ac7ee577ff546d24c3aa, which is the 15.7 release plus the one patch we're applying.
2023-01-22Update to Standards-Version 4.6.2 (no changes needed)Steve McIntyre
2023-01-22Switch to using gcc-12Steve McIntyre
Closes: #1022180
2023-01-22Switch to new upstream (15.7)Steve McIntyre
Also import patch to deal with buggy binutils
2023-01-22Update upstream source from tag 'upstream/15.7'Steve McIntyre
Update to upstream version '15.7' with Debian dir f802105ae061241b13ab962854f56388092fc703
2023-01-22New upstream version 15.7upstream/15.7Steve McIntyre
generated by cgit v1.2.3 (git 2.39.1) at 2025-08-20 17:09:31 +0000