summaryrefslogtreecommitdiff
path: root/debian/control
blob: 13e2c208f6e13105aa1df338be7ab6edde0d51ca (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
Source: shim-signed
Section: utils
Priority: optional
Maintainer: VyOS Package Maintainers <maintainers@vyos.net>
Uploaders: Christian Breunig <christian@breunig.cc>
Build-Depends: debhelper (>= 13),
 shim-unsigned (= 16.0-1+vyos1),
 shim-helpers-amd64-signed [amd64],
 shim-helpers-arm64-signed [arm64],
# sbsigntool before 0.9.2-2 had a horrid bug with checksum calculation
# which broke our build
 sbsigntool (>= 0.9.2-2),
 po-debconf,
 debhelper-compat (= 13),
 python3-cryptography,
Standards-Version: 4.5.1
Vcs-Browser: https://salsa.debian.org/efi-team/shim-signed
Vcs-Git: https://salsa.debian.org/efi-team/shim-signed.git
Rules-Requires-Root: no

Package: shim-signed
Architecture: amd64 arm64
Multi-Arch: same
Pre-Depends: debconf
Depends: ${misc:Depends},
 mokutil,
 shim-signed-common (>= ${source:Version}),
 grub-efi-amd64-bin [amd64] | systemd-boot [amd64],
 shim-helpers-amd64-signed (>= ${helpers:Version}) [amd64],
 grub-efi-arm64-bin [arm64] | systemd-boot [arm64],
 shim-helpers-arm64-signed (>= ${helpers:Version}) [arm64],
 grub2-common (>= 2.06-6) | systemd-boot [amd64 arm64],
Built-Using: shim (= ${shim:Version})
Description: Secure Boot chain-loading bootloader (Microsoft-signed binary)
 This package provides a minimalist boot loader which allows verifying
 signatures of other UEFI binaries against either the Secure Boot DB/DBX or
 against a built-in signature database.  Its purpose is to allow a small,
 infrequently-changing binary to be signed by the UEFI CA, while allowing
 an OS distributor to revision their main bootloader independently of the CA.
 .
 This package contains the version of the bootloader binary signed by the
 Microsoft UEFI CA(s).

Package: shim-signed-common
Multi-Arch: foreign
Architecture: all
Depends: ${misc:Depends}, mokutil, openssl, kmod
Replaces: shim-signed (<< 1.32+15+1533136590.3beb971-5)
Breaks: shim-signed (<< 1.32+15+1533136590.3beb971-5)
Description: Secure Boot chain-loading bootloader (common helper scripts)
 This package provides a minimalist boot loader which allows verifying
 signatures of other UEFI binaries against either the Secure Boot DB/DBX or
 against a built-in signature database.  Its purpose is to allow a small,
 infrequently-changing binary to be signed by the UEFI CA, while allowing
 an OS distributor to revision their main bootloader independently of the CA.
 .
 This package contains common helper scripts for all versions of the
 shim-signed package.