Comments
puiterwijk
provided feedback
on keylime-6.0.1-2.fc32
4 years ago
Works perfectly, and firmware was updated succesfully.
[root@crime puiterwijk]# pesign -S -i /boot/efi/EFI/fedora/fwupdx64.efi
certificate address is 0x7f5db975c198 Content was not encrypted. Content is detached; signature cannot be verified. The signer's common name is Fedora Secure Boot Signer
This build has fwupd unsigned because @adamwill is not allowed to build signed things or this went to the wrong channel.
[root@crime fedora]# pesign -S -i fwupdx64.efi
certificate address is 0x7f89a1d71198 Content was not encrypted. Content is detached; signature cannot be verified. The signer's common name is Red Hat Test Certificate
Installed an f30 guest with host-passthrough CPU type on an f28 host with this update, and the guest return "Mitigation: Clear CPU buffers; SMT Host state unknown". So the VM works, and md_clear is made visible to the guest.
Installed an f30 guest with host-passthrough CPU type on an f28 host with this update, and the guest return "Mitigation: Clear CPU buffers; SMT Host state unknown". So the VM works, and md_clear is made visible to the guest.
Curl works, and GOAWAY is handled correctly.
Fixes the reproducer for the libgcrypt fips rng bug.
@zbyszek The answer about the Severity field: It was not set when the update was filed, I have updated this to Urgent after looking at the security teams' assessment of the attached security bugs to make sure it went out.
Yes, this update was revoked.
This fixes the overwrite problem in upstream bug #7.
This fixes the overwrite problem in upstream bug #7.