Bug#897163: Remove CONFIG_SYSTEM_TRUSTED_KEYS="debian/certs/benh@debian.org.cert.pem"
Package: linux-image-amd64
Version: 4.15+91~bpo9+1
Severity: normal
Tags: security
The Debian kernels are currently built with
CONFIG_SYSTEM_TRUSTED_KEYS="debian/certs/benh@debian.org.cert.pem"
This was introduced with
https://alioth-lists-archive.debian.net/pipermail/kernel-svn-changes/2016-April/022904.html
We are now two years after Ben's contribution and we are still not using
kernel module signing (CONFIG_MODULE_SIG is not set in config).
As there is no need for the kernel trusting Ben's certificate, please,
remove the setting.
Best regards
Heinrich Schuchardt
-- System Information:
Debian Release: 9.2
APT prefers stable-updates
APT policy: (500, 'stable-updates'), (100, 'stable')
Architecture: amd64 (x86_64)
Foreign Architectures: arm64, armhf, i386
Kernel: Linux 4.15.0-0.bpo.2-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) (ignored:
LC_ALL set to en_US.UTF-8), LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
(ignored: LC_ALL set to en_US.UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
Versions of packages linux-image-amd64 depends on:
ii linux-image-4.15.0-0.bpo.2-amd64 4.15.11-1~bpo9+1
linux-image-amd64 recommends no packages.
linux-image-amd64 suggests no packages.
-- no debconf information
Reply to: