File _patchinfo of Package patchinfo.16785

<patchinfo incident="16785">
  <category>recommended</category>
  <rating>moderate</rating>
  <packager>gary_lin</packager>
  <issue tracker="bnc" id="1177315">VUL-0: EMBARGOED: shim: does not enforce codesigning certificate in x509 key chain</issue>
  <summary>Recommended update for shim-susesigned</summary>
  <description>

This update contains changes needed for Common criteria certification.

shim:

* add a temporary shim loader EFI signed by SUSE that contains additional checks of Extended Key Usage for Codesigning (bsc#1177315)

The Common Criteria system role for 15-SP2 was adjusted:

* Configure alternative shim (bsc#1177315)
* Remove curve25519-sha256@libssh.org as it doesn't work in fips mode
* doc: logrotate is started via timer

</description>
</patchinfo>

Places

File _patchinfo of Package patchinfo.16785

Places