Shim-Signed update.

70 Tango Charlie

Well-Known Member
Joined
Oct 7, 2019
Messages
523
Reaction score
676
Credits
2,064
Hello everyone,
I have an update sitting in my update manager called Shim-Signed.
Is this thing important to update? So far, I have not done anything with it.
It looks like a lot of gobbledy gook to me.
Thanks for your help.
Old Geezer, Tango Charlie

Shim.png
 


Which Linux are you running, Charlie ?
 
""
Shim

shim is a simple software package that is designed to work as a first-stage bootloader on UEFI systems.

It was developed by a group of Linux developers from various distros, working together to make SB work using Free Software. It is a common piece of code that is safe, well-understood and audited so that it can be trusted and signed using platform keys. This means that Microsoft (or other potential firmware CA providers) only have to worry about signing shim, and not all of the other programs that distro vendors might want to support.

Shim then becomes the root of trust for all the other distro-provided UEFI programs. It embeds a further distro-specific CA key that is itself used for signing further programs (e.g. Linux, GRUB, fwupdate). This allows for a clean delegation of trust - the distros are then responsible for signing the rest of their packages. Shim itself should ideally not need to be updated very often, reducing the workload on the central auditing and CA teams.

For extra trust and safety, from version 15 onwards the shim binary build is 100% reproducible - you can rebuild the Debian shim binary yourself to verify that no unexpected changes have been embedded in this key piece of security software.""

from : https://wiki.debian.org/SecureBoot
 
Which Linux are you running, Charlie ?
Hi Mate,
LM Mint 19.3 Mate.
Thanks for the link. It makes things a little clearer for me.
OG TC
 
If I recall correctly {HAH}, this is the first time I have seen this particular update item.
TC
 
Yes, it is a new one to me as well
 
This update has to do with the Grub2 Boothole vulnerability.
 

Members online


Top