Fedora Linux 8781 Published by

A shim security update has been released for Fedora 35.



SECURITY: Fedora 35 Update: shim-15.6-1


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2022-98830efc68
2022-06-17 01:18:22.128939
--------------------------------------------------------------------------------

Name : shim
Product : Fedora 35
Version : 15.6
Release : 1
URL :   https://github.com/rhboot/shim/
Summary : First-stage UEFI bootloader
Description :
Initial UEFI bootloader that handles chaining to a trusted full bootloader
under secure boot environments. This package contains the version signed by
the UEFI signing service.

--------------------------------------------------------------------------------
Update Information:

This fixes several issues, most notably BZ#1955416 and CVE-2022-28737. Please
test.
--------------------------------------------------------------------------------
ChangeLog:

* Wed Jun 15 2022 Peter Jones - 15.6-1
- Update to shim-15.6
Resolves: CVE-2022-28737
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #1922565 - EFI HTTP boot fails if the HTTP headers are lower case
  https://bugzilla.redhat.com/show_bug.cgi?id=1922565
[ 2 ] Bug #1955416 - Lenovo ThinkPad T490, unable to boot following clean install, stuck at splash screen
  https://bugzilla.redhat.com/show_bug.cgi?id=1955416
[ 3 ] Bug #2010595 - Cannot install firmware if secureboot is enabled
  https://bugzilla.redhat.com/show_bug.cgi?id=2010595
[ 4 ] Bug #2029396 - shimx64.efi does not boot into fwupdx64.efi
  https://bugzilla.redhat.com/show_bug.cgi?id=2029396
[ 5 ] Bug #2078114 - Shim bug prevents firmware update in a ThinkPad firmware updates
  https://bugzilla.redhat.com/show_bug.cgi?id=2078114
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2022-98830efc68' at the command
line. For more information, refer to the dnf documentation available at
  http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
  https://fedoraproject.org/keys
--------------------------------------------------------------------------------
_______________________________________________