Your message dated Fri, 4 Aug 2023 11:10:46 +0100 with message-id <20230804101046.GA2283137@tack.einval.com> and subject line Re: Bug#920820: shim-signed - Fails to boot if run via EFI shell has caused the Debian Bug report #920820, regarding shim-signed - Fails to boot if run via EFI shell to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact owner@bugs.debian.org immediately.) -- 920820: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=920820 Debian Bug Tracking System Contact owner@bugs.debian.org with problems
--- Begin Message ---
- To: submit@bugs.debian.org
- Subject: shim-signed - Fails to boot if run via EFI shell
- From: Bastian Blank <waldi@debian.org>
- Date: Tue, 29 Jan 2019 16:48:50 +0100
- Message-id: <20190129154849.z62dpw7gemclhu3n@shell.thinkmo.de>
Package: shim-signed Version: 1.28+nmu1+0.9+1474479173.6c180c6-1 Severity: important shim fails to boot if it was started from the EFI shell in the EDK2 reference implementation. Boot is aborted from the ExitBootServices call: | EFI stub: UEFI Secure Boot is enabled. | Bootloader has not verified loaded image. | System is compromised. halting. Bastian -- The man on tops walks a lonely street; the "chain" of command is often a noose.
--- End Message ---
--- Begin Message ---
- To: Bastian Blank <waldi@debian.org>, 920820-done@bugs.debian.org
- Subject: Re: Bug#920820: shim-signed - Fails to boot if run via EFI shell
- From: Steve McIntyre <steve@einval.com>
- Date: Fri, 4 Aug 2023 11:10:46 +0100
- Message-id: <20230804101046.GA2283137@tack.einval.com>
- In-reply-to: <20190129154849.z62dpw7gemclhu3n@shell.thinkmo.de>
- References: <20190129154849.z62dpw7gemclhu3n@shell.thinkmo.de>
On Tue, Jan 29, 2019 at 04:48:50PM +0100, Bastian Blank wrote: >Package: shim-signed >Version: 1.28+nmu1+0.9+1474479173.6c180c6-1 >Severity: important > >shim fails to boot if it was started from the EFI shell in the EDK2 >reference implementation. Boot is aborted from the ExitBootServices >call: > >| EFI stub: UEFI Secure Boot is enabled. >| Bootloader has not verified loaded image. >| System is compromised. halting. As far as I can see this is working as expected. If you have the EFI shell in your boot sequence, you've lost the trust chain. -- Steve McIntyre, Cambridge, UK. steve@einval.com "Since phone messaging became popular, the young generation has lost the ability to read or write anything that is longer than one hundred and sixty characters." -- Ignatios Souvatzis
--- End Message ---