{"update": {"autokarma": true, "autotime": true, "stable_karma": 3, "stable_days": 14, "unstable_karma": -3, "require_bugs": true, "require_testcases": true, "display_name": "", "notes": "- restore umask for grub.cfg (CVE-2021-3981)\n- re-run signing after infrastructure fix", "type": "security", "status": "stable", "request": null, "severity": "unspecified", "suggest": "unspecified", "locked": false, "pushed": true, "critpath": true, "critpath_groups": null, "close_bugs": true, "date_submitted": "2021-12-10 18:07:46", "date_modified": null, "date_approved": null, "date_testing": "2021-12-11 01:15:12", "date_stable": "2021-12-12 01:09:38", "alias": "FEDORA-2021-8dbf0a81c0", "test_gating_status": "passed", "from_tag": null, "date_pushed": "2021-12-12 01:09:38", "meets_testing_requirements": true, "url": "https://bodhi.fedoraproject.org/updates/FEDORA-2021-8dbf0a81c0", "title": "grub2-2.06-10.fc35", "version_hash": "80255e272f8d4318ce613e9800b0e78b07ff3597", "release": {"name": "F35", "long_name": "Fedora 35", "version": "35", "id_prefix": "FEDORA", "branch": "f35", "dist_tag": "f35", "stable_tag": "f35-updates", "testing_tag": "f35-updates-testing", "candidate_tag": "f35-updates-candidate", "pending_signing_tag": "f35-signing-pending", "pending_testing_tag": "f35-updates-testing-pending", "pending_stable_tag": "f35-updates-pending", "override_tag": "f35-override", "mail_template": "fedora_errata_template", "state": "archived", "composed_by_bodhi": true, "create_automatic_updates": false, "package_manager": "dnf", "testing_repository": "updates-testing", "released_on": null, "eol": null, "critpath_mandatory_days_in_testing": 14, "mandatory_days_in_testing": 7, "critpath_min_karma": 2, "min_karma": 1, "setting_status": null}, "user": {"name": "rharwood", "email": "rharwood@pm.me", "id": 2033, "avatar": "https://seccdn.libravatar.org/avatar/e008d9337bf61e7a906d7f8daa8041f138643e8e58af55fdf030a70e7a2cb560?s=24&d=retro", "openid": "rharwood.id.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}]}, "comments": [{"karma": 0, "karma_critpath": 0, "text": "This update has been submitted for testing by rharwood. ", "timestamp": "2021-12-10 18:07:47", "update_id": 359589, "user_id": 91, "id": 2308689, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "This update's test gating status has been changed to 'waiting'.", "timestamp": "2021-12-10 18:07:48", "update_id": 359589, "user_id": 91, "id": 2308690, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "This update's test gating status has been changed to 'failed'.", "timestamp": "2021-12-10 20:22:58", "update_id": 359589, "user_id": 91, "id": 2308778, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "This update's test gating status has been changed to 'passed'.", "timestamp": "2021-12-10 21:20:04", "update_id": 359589, "user_id": 91, "id": 2308809, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "This update has been pushed to testing.", "timestamp": "2021-12-11 01:16:19", "update_id": 359589, "user_id": 91, "id": 2308924, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.fedoraproject.org", "groups": []}}, {"karma": 1, "karma_critpath": 0, "text": "Works (UEFI, secure boot, with just Fedora default MOK, T450s).", "timestamp": "2021-12-11 03:59:17", "update_id": 359589, "user_id": 198, "id": 2309223, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bojan", "email": "bojan@rexursive.com", "id": 198, "avatar": "https://seccdn.libravatar.org/avatar/adb4c3f28bd6969871988f992b1bf71e404f03e3570fbfa0fc9bd7d0bf0003f8?s=24&d=retro", "openid": "bojan.id.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}]}}, {"karma": 1, "karma_critpath": 0, "text": "secure boot working, permissions for grub.cfg looking fine.\n```\nsignature 1\nimage signature issuers:\n - /CN=Fedora Secure Boot CA\nsignature 2\nimage signature issuers:\n - /C=US/ST=Massachusetts/L=Cambridge/O=Red Hat, Inc./OU=Fedora Secure Boot CA 20200709/CN=fedoraca\n```\n\nIs there a way to add a test for the secure boot issue? If not booting a VM with secure boot enabled, maybe just extracting the signatures from shim and validating the certificates of grub efi, it would be a big relief :D", "timestamp": "2021-12-11 07:49:06", "update_id": 359589, "user_id": 6770, "id": 2309274, "bug_feedback": [{"karma": 1, "comment_id": 2309274, "bug_id": 2030358, "bug": {"bug_id": 2030358, "title": "CVE-2021-3981 grub2: Incorrect permission in grub.cfg allow unprivileged user to read the file content [fedora-all]", "security": true, "parent": false}}, {"karma": 1, "comment_id": 2309274, "bug_id": 2030940, "bug": {"bug_id": 2030940, "title": "Booting with grub2-2.06-9.fc35 and UEFI Secure Boot enabled resulted in Error: Verification Failed: (0x1A) Security Violation", "security": false, "parent": false}}], "testcase_feedback": [], "user": {"name": "frigo", "email": "rigault.francois@gmail.com", "id": 6770, "avatar": "https://seccdn.libravatar.org/avatar/26eb0baa1336653f4d281bf079a0efe15cb7c73cfd5893c148f8929d64a7742b?s=24&d=retro", "openid": "frigo.id.fedoraproject.org", "groups": [{"name": "ipausers"}, {"name": "signed_fpca"}]}}, {"karma": 0, "karma_critpath": 0, "text": "This update can be pushed to stable now if the maintainer wishes", "timestamp": "2021-12-11 07:51:21", "update_id": 359589, "user_id": 91, "id": 2309275, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.fedoraproject.org", "groups": []}}, {"karma": 1, "karma_critpath": 0, "text": "Works great!  LGTM!  =)", "timestamp": "2021-12-11 11:04:54", "update_id": 359589, "user_id": 206, "id": 2309311, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "besser82", "email": "besser82.fpo@gmail.com", "id": 206, "avatar": "https://seccdn.libravatar.org/avatar/28bacfa3be75032390ac2c7a34599aeb825c3b62b2c55ef64821d2fc023b56cb?s=24&d=retro", "openid": "besser82.id.fedoraproject.org", "groups": [{"name": "proventesters"}, {"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "ambassadors"}, {"name": "designteam"}, {"name": "shogun-ca"}, {"name": "alt-gtk-de-sig"}, {"name": "trust admins"}]}}, {"karma": 0, "karma_critpath": 0, "text": "This update has been submitted for stable by bodhi. ", "timestamp": "2021-12-11 11:04:55", "update_id": 359589, "user_id": 91, "id": 2309312, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.fedoraproject.org", "groups": []}}, {"karma": 1, "karma_critpath": 0, "text": "Boots fine!", "timestamp": "2021-12-11 11:06:04", "update_id": 359589, "user_id": 331, "id": 2309318, "bug_feedback": [{"karma": 0, "comment_id": 2309318, "bug_id": 2030358, "bug": {"bug_id": 2030358, "title": "CVE-2021-3981 grub2: Incorrect permission in grub.cfg allow unprivileged user to read the file content [fedora-all]", "security": true, "parent": false}}, {"karma": 1, "comment_id": 2309318, "bug_id": 2030940, "bug": {"bug_id": 2030940, "title": "Booting with grub2-2.06-9.fc35 and UEFI Secure Boot enabled resulted in Error: Verification Failed: (0x1A) Security Violation", "security": false, "parent": false}}], "testcase_feedback": [], "user": {"name": "ankursinha", "email": "sanjay.ankur@gmail.com", "id": 331, "avatar": "https://seccdn.libravatar.org/avatar/ea8a830990779d10661b2bea661307b613ca74c5169a7ba8e83b1748bd6e3495?s=24&d=retro", "openid": "ankursinha.id.fedoraproject.org", "groups": [{"name": "provenpackager"}, {"name": "robotics-sig"}, {"name": "packager"}, {"name": "gitfpaste"}, {"name": "fedora-contributor"}, {"name": "freemedia"}, {"name": "ask-fedora"}, {"name": "scitech_sig"}, {"name": "signed_fpca"}, {"name": "fedora-join"}, {"name": "ipausers"}, {"name": "qa"}, {"name": "gitfedora-tour"}, {"name": "wikiedit"}, {"name": "scitech"}, {"name": "fedorabugs"}, {"name": "neuro-sig"}]}}, {"karma": 1, "karma_critpath": 0, "text": "", "timestamp": "2021-12-11 13:51:45", "update_id": 359589, "user_id": 4054, "id": 2309364, "bug_feedback": [{"karma": 0, "comment_id": 2309364, "bug_id": 2030358, "bug": {"bug_id": 2030358, "title": "CVE-2021-3981 grub2: Incorrect permission in grub.cfg allow unprivileged user to read the file content [fedora-all]", "security": true, "parent": false}}, {"karma": 0, "comment_id": 2309364, "bug_id": 2030940, "bug": {"bug_id": 2030940, "title": "Booting with grub2-2.06-9.fc35 and UEFI Secure Boot enabled resulted in Error: Verification Failed: (0x1A) Security Violation", "security": false, "parent": false}}], "testcase_feedback": [], "user": {"name": "boycottsystemd1", "email": "boycottsystemd@yahoo.com", "id": 4054, "avatar": "https://seccdn.libravatar.org/avatar/72822ae5aa82ed9dc6cb7bb35646270744387f81df9ec50d2903e8d4e0bd8691?s=24&d=retro", "openid": "boycottsystemd1.id.fedoraproject.org", "groups": [{"name": "ipausers"}]}}, {"karma": 1, "karma_critpath": 0, "text": "Secure boot works", "timestamp": "2021-12-11 17:45:56", "update_id": 359589, "user_id": 820, "id": 2309500, "bug_feedback": [{"karma": 0, "comment_id": 2309500, "bug_id": 2030358, "bug": {"bug_id": 2030358, "title": "CVE-2021-3981 grub2: Incorrect permission in grub.cfg allow unprivileged user to read the file content [fedora-all]", "security": true, "parent": false}}, {"karma": 1, "comment_id": 2309500, "bug_id": 2030940, "bug": {"bug_id": 2030940, "title": "Booting with grub2-2.06-9.fc35 and UEFI Secure Boot enabled resulted in Error: Verification Failed: (0x1A) Security Violation", "security": false, "parent": false}}], "testcase_feedback": [], "user": {"name": "thesourcehim", "email": "thesourcehim@gmail.com", "id": 820, "avatar": "https://seccdn.libravatar.org/avatar/365b51e2acf2590c778904c667bec9701bf1d647e31a081645a598849105e2fd?s=24&d=retro", "openid": "thesourcehim.id.fedoraproject.org", "groups": [{"name": "ipausers"}]}}, {"karma": 0, "karma_critpath": 0, "text": "This update has been pushed to stable.", "timestamp": "2021-12-12 01:10:28", "update_id": 359589, "user_id": 91, "id": 2309816, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.fedoraproject.org", "groups": []}}, {"karma": 1, "karma_critpath": 0, "text": "WFM", "timestamp": "2021-12-15 01:51:09", "update_id": 359589, "user_id": 5881, "id": 2313106, "bug_feedback": [{"karma": 0, "comment_id": 2313106, "bug_id": 2030358, "bug": {"bug_id": 2030358, "title": "CVE-2021-3981 grub2: Incorrect permission in grub.cfg allow unprivileged user to read the file content [fedora-all]", "security": true, "parent": false}}, {"karma": 0, "comment_id": 2313106, "bug_id": 2030940, "bug": {"bug_id": 2030940, "title": "Booting with grub2-2.06-9.fc35 and UEFI Secure Boot enabled resulted in Error: Verification Failed: (0x1A) Security Violation", "security": false, "parent": false}}], "testcase_feedback": [], "user": {"name": "geraldosimiao", "email": "geraldo.simiao.kutz@gmail.com", "id": 5881, "avatar": "https://seccdn.libravatar.org/avatar/03fa5b58e8ac78544bf41ad8ecf9ee1920f2ebedb86542c2f4cdf7ef15813168?s=24&d=retro", "openid": "geraldosimiao.id.fedoraproject.org", "groups": [{"name": "qa"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "ambassadors"}, {"name": "fedora-br"}, {"name": "advocates"}, {"name": "respins-sig"}]}}], "builds": [{"nvr": "grub2-2.06-10.fc35", "signed": true, "release_id": 51, "type": "rpm", "epoch": 1}], "bugs": [{"bug_id": 2030358, "title": "CVE-2021-3981 grub2: Incorrect permission in grub.cfg allow unprivileged user to read the file content [fedora-all]", "security": true, "parent": false, "feedback": [{"karma": 0, "comment_id": 2308206, "bug_id": 2030358, "comment": {"karma": -1, "karma_critpath": 0, "text": "MOK versification failed with secure boot enabled.", "timestamp": "2021-12-10 08:48:03", "update_id": 359272, "user_id": 638, "id": 2308206, "testcase_feedback": [], "user": {"name": "fidencio", "email": "fabiano@fidencio.org", "id": 638, "avatar": "https://seccdn.libravatar.org/avatar/03ccd12ac6c4b4326ed488d28ad99e068bd95f7fff3e6f6c714385460079aecf?s=24&d=retro", "openid": "fidencio.id.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "virtmaint-sig"}]}}}, {"karma": 0, "comment_id": 2308492, "bug_id": 2030358, "comment": {"karma": -1, "karma_critpath": 0, "text": "", "timestamp": "2021-12-10 15:11:03", "update_id": 359272, "user_id": 5881, "id": 2308492, "testcase_feedback": [], "user": {"name": "geraldosimiao", "email": "geraldo.simiao.kutz@gmail.com", "id": 5881, "avatar": "https://seccdn.libravatar.org/avatar/03fa5b58e8ac78544bf41ad8ecf9ee1920f2ebedb86542c2f4cdf7ef15813168?s=24&d=retro", "openid": "geraldosimiao.id.fedoraproject.org", "groups": [{"name": "qa"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "ambassadors"}, {"name": "fedora-br"}, {"name": "advocates"}, {"name": "respins-sig"}]}}}, {"karma": 1, "comment_id": 2309274, "bug_id": 2030358, "comment": {"karma": 1, "karma_critpath": 0, "text": "secure boot working, permissions for grub.cfg looking fine.\n```\nsignature 1\nimage signature issuers:\n - /CN=Fedora Secure Boot CA\nsignature 2\nimage signature issuers:\n - /C=US/ST=Massachusetts/L=Cambridge/O=Red Hat, Inc./OU=Fedora Secure Boot CA 20200709/CN=fedoraca\n```\n\nIs there a way to add a test for the secure boot issue? If not booting a VM with secure boot enabled, maybe just extracting the signatures from shim and validating the certificates of grub efi, it would be a big relief :D", "timestamp": "2021-12-11 07:49:06", "update_id": 359589, "user_id": 6770, "id": 2309274, "testcase_feedback": [], "user": {"name": "frigo", "email": "rigault.francois@gmail.com", "id": 6770, "avatar": "https://seccdn.libravatar.org/avatar/26eb0baa1336653f4d281bf079a0efe15cb7c73cfd5893c148f8929d64a7742b?s=24&d=retro", "openid": "frigo.id.fedoraproject.org", "groups": [{"name": "ipausers"}, {"name": "signed_fpca"}]}}}, {"karma": 0, "comment_id": 2309318, "bug_id": 2030358, "comment": {"karma": 1, "karma_critpath": 0, "text": "Boots fine!", "timestamp": "2021-12-11 11:06:04", "update_id": 359589, "user_id": 331, "id": 2309318, "testcase_feedback": [], "user": {"name": "ankursinha", "email": "sanjay.ankur@gmail.com", "id": 331, "avatar": "https://seccdn.libravatar.org/avatar/ea8a830990779d10661b2bea661307b613ca74c5169a7ba8e83b1748bd6e3495?s=24&d=retro", "openid": "ankursinha.id.fedoraproject.org", "groups": [{"name": "provenpackager"}, {"name": "robotics-sig"}, {"name": "packager"}, {"name": "gitfpaste"}, {"name": "fedora-contributor"}, {"name": "freemedia"}, {"name": "ask-fedora"}, {"name": "scitech_sig"}, {"name": "signed_fpca"}, {"name": "fedora-join"}, {"name": "ipausers"}, {"name": "qa"}, {"name": "gitfedora-tour"}, {"name": "wikiedit"}, {"name": "scitech"}, {"name": "fedorabugs"}, {"name": "neuro-sig"}]}}}, {"karma": 0, "comment_id": 2309500, "bug_id": 2030358, "comment": {"karma": 1, "karma_critpath": 0, "text": "Secure boot works", "timestamp": "2021-12-11 17:45:56", "update_id": 359589, "user_id": 820, "id": 2309500, "testcase_feedback": [], "user": {"name": "thesourcehim", "email": "thesourcehim@gmail.com", "id": 820, "avatar": "https://seccdn.libravatar.org/avatar/365b51e2acf2590c778904c667bec9701bf1d647e31a081645a598849105e2fd?s=24&d=retro", "openid": "thesourcehim.id.fedoraproject.org", "groups": [{"name": "ipausers"}]}}}, {"karma": 0, "comment_id": 2308020, "bug_id": 2030358, "comment": {"karma": -1, "karma_critpath": 0, "text": "Booting with grub2-2.06-9.fc35 and UEFI Secure Boot enabled resulted in Error: Verification Failed: (0x1A) Security Violation. I reported this problem at https://bugzilla.redhat.com/show_bug.cgi?id=2030940", "timestamp": "2021-12-10 02:49:19", "update_id": 359272, "user_id": 4471, "id": 2308020, "testcase_feedback": [], "user": {"name": "mattf", "email": "matt.fagnani@bell.net", "id": 4471, "avatar": "https://seccdn.libravatar.org/avatar/dfd914605b2f5dafb41729697904a39aacfba787012bad999834e94535892c46?s=24&d=retro", "openid": "mattf.id.fedoraproject.org", "groups": [{"name": "ipausers"}, {"name": "trust admins"}]}}}, {"karma": 0, "comment_id": 2308096, "bug_id": 2030358, "comment": {"karma": 1, "karma_critpath": 0, "text": "Legacy BIOS OK", "timestamp": "2021-12-10 06:04:23", "update_id": 359272, "user_id": 4054, "id": 2308096, "testcase_feedback": [], "user": {"name": "boycottsystemd1", "email": "boycottsystemd@yahoo.com", "id": 4054, "avatar": "https://seccdn.libravatar.org/avatar/72822ae5aa82ed9dc6cb7bb35646270744387f81df9ec50d2903e8d4e0bd8691?s=24&d=retro", "openid": "boycottsystemd1.id.fedoraproject.org", "groups": [{"name": "ipausers"}]}}}, {"karma": 0, "comment_id": 2308191, "bug_id": 2030358, "comment": {"karma": -1, "karma_critpath": 0, "text": "Secure boot is broken.", "timestamp": "2021-12-10 08:33:07", "update_id": 359272, "user_id": 4214, "id": 2308191, "testcase_feedback": [], "user": {"name": "ojab", "email": "ojab@ojab.ru", "id": 4214, "avatar": "https://seccdn.libravatar.org/avatar/2139e49dfae1e0a5f3286f29e45ec93d55da07adf5a9c9507b440bc01dc61734?s=24&d=retro", "openid": "ojab.id.fedoraproject.org", "groups": [{"name": "ipausers"}, {"name": "signed_fpca"}]}}}, {"karma": 0, "comment_id": 2308196, "bug_id": 2030358, "comment": {"karma": -1, "karma_critpath": 0, "text": "MOK verification failed with secure boot enabled.", "timestamp": "2021-12-10 08:34:58", "update_id": 359272, "user_id": 820, "id": 2308196, "testcase_feedback": [], "user": {"name": "thesourcehim", "email": "thesourcehim@gmail.com", "id": 820, "avatar": "https://seccdn.libravatar.org/avatar/365b51e2acf2590c778904c667bec9701bf1d647e31a081645a598849105e2fd?s=24&d=retro", "openid": "thesourcehim.id.fedoraproject.org", "groups": [{"name": "ipausers"}]}}}, {"karma": 0, "comment_id": 2308307, "bug_id": 2030358, "comment": {"karma": -1, "karma_critpath": 0, "text": "Changing to -1, needing to accept a new key was not intentional, it seems.", "timestamp": "2021-12-10 11:11:36", "update_id": 359272, "user_id": 198, "id": 2308307, "testcase_feedback": [], "user": {"name": "bojan", "email": "bojan@rexursive.com", "id": 198, "avatar": "https://seccdn.libravatar.org/avatar/adb4c3f28bd6969871988f992b1bf71e404f03e3570fbfa0fc9bd7d0bf0003f8?s=24&d=retro", "openid": "bojan.id.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}]}}}, {"karma": 0, "comment_id": 2308367, "bug_id": 2030358, "comment": {"karma": -1, "karma_critpath": 0, "text": "", "timestamp": "2021-12-10 12:32:41", "update_id": 359272, "user_id": 331, "id": 2308367, "testcase_feedback": [], "user": {"name": "ankursinha", "email": "sanjay.ankur@gmail.com", "id": 331, "avatar": "https://seccdn.libravatar.org/avatar/ea8a830990779d10661b2bea661307b613ca74c5169a7ba8e83b1748bd6e3495?s=24&d=retro", "openid": "ankursinha.id.fedoraproject.org", "groups": [{"name": "provenpackager"}, {"name": "robotics-sig"}, {"name": "packager"}, {"name": "gitfpaste"}, {"name": "fedora-contributor"}, {"name": "freemedia"}, {"name": "ask-fedora"}, {"name": "scitech_sig"}, {"name": "signed_fpca"}, {"name": "fedora-join"}, {"name": "ipausers"}, {"name": "qa"}, {"name": "gitfedora-tour"}, {"name": "wikiedit"}, {"name": "scitech"}, {"name": "fedorabugs"}, {"name": "neuro-sig"}]}}}, {"karma": 0, "comment_id": 2309364, "bug_id": 2030358, "comment": {"karma": 1, "karma_critpath": 0, "text": "", "timestamp": "2021-12-11 13:51:45", "update_id": 359589, "user_id": 4054, "id": 2309364, "testcase_feedback": [], "user": {"name": "boycottsystemd1", "email": "boycottsystemd@yahoo.com", "id": 4054, "avatar": "https://seccdn.libravatar.org/avatar/72822ae5aa82ed9dc6cb7bb35646270744387f81df9ec50d2903e8d4e0bd8691?s=24&d=retro", "openid": "boycottsystemd1.id.fedoraproject.org", "groups": [{"name": "ipausers"}]}}}, {"karma": 0, "comment_id": 2313106, "bug_id": 2030358, "comment": {"karma": 1, "karma_critpath": 0, "text": "WFM", "timestamp": "2021-12-15 01:51:09", "update_id": 359589, "user_id": 5881, "id": 2313106, "testcase_feedback": [], "user": {"name": "geraldosimiao", "email": "geraldo.simiao.kutz@gmail.com", "id": 5881, "avatar": "https://seccdn.libravatar.org/avatar/03fa5b58e8ac78544bf41ad8ecf9ee1920f2ebedb86542c2f4cdf7ef15813168?s=24&d=retro", "openid": "geraldosimiao.id.fedoraproject.org", "groups": [{"name": "qa"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "ambassadors"}, {"name": "fedora-br"}, {"name": "advocates"}, {"name": "respins-sig"}]}}}, {"karma": 0, "comment_id": 2317385, "bug_id": 2030358, "comment": {"karma": 1, "karma_critpath": 0, "text": "", "timestamp": "2021-12-18 02:59:35", "update_id": 359590, "user_id": 5881, "id": 2317385, "testcase_feedback": [], "user": {"name": "geraldosimiao", "email": "geraldo.simiao.kutz@gmail.com", "id": 5881, "avatar": "https://seccdn.libravatar.org/avatar/03fa5b58e8ac78544bf41ad8ecf9ee1920f2ebedb86542c2f4cdf7ef15813168?s=24&d=retro", "openid": "geraldosimiao.id.fedoraproject.org", "groups": [{"name": "qa"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "ambassadors"}, {"name": "fedora-br"}, {"name": "advocates"}, {"name": "respins-sig"}]}}}]}, {"bug_id": 2030940, "title": "Booting with grub2-2.06-9.fc35 and UEFI Secure Boot enabled resulted in Error: Verification Failed: (0x1A) Security Violation", "security": false, "parent": false, "feedback": [{"karma": 1, "comment_id": 2309274, "bug_id": 2030940, "comment": {"karma": 1, "karma_critpath": 0, "text": "secure boot working, permissions for grub.cfg looking fine.\n```\nsignature 1\nimage signature issuers:\n - /CN=Fedora Secure Boot CA\nsignature 2\nimage signature issuers:\n - /C=US/ST=Massachusetts/L=Cambridge/O=Red Hat, Inc./OU=Fedora Secure Boot CA 20200709/CN=fedoraca\n```\n\nIs there a way to add a test for the secure boot issue? If not booting a VM with secure boot enabled, maybe just extracting the signatures from shim and validating the certificates of grub efi, it would be a big relief :D", "timestamp": "2021-12-11 07:49:06", "update_id": 359589, "user_id": 6770, "id": 2309274, "testcase_feedback": [], "user": {"name": "frigo", "email": "rigault.francois@gmail.com", "id": 6770, "avatar": "https://seccdn.libravatar.org/avatar/26eb0baa1336653f4d281bf079a0efe15cb7c73cfd5893c148f8929d64a7742b?s=24&d=retro", "openid": "frigo.id.fedoraproject.org", "groups": [{"name": "ipausers"}, {"name": "signed_fpca"}]}}}, {"karma": 1, "comment_id": 2309318, "bug_id": 2030940, "comment": {"karma": 1, "karma_critpath": 0, "text": "Boots fine!", "timestamp": "2021-12-11 11:06:04", "update_id": 359589, "user_id": 331, "id": 2309318, "testcase_feedback": [], "user": {"name": "ankursinha", "email": "sanjay.ankur@gmail.com", "id": 331, "avatar": "https://seccdn.libravatar.org/avatar/ea8a830990779d10661b2bea661307b613ca74c5169a7ba8e83b1748bd6e3495?s=24&d=retro", "openid": "ankursinha.id.fedoraproject.org", "groups": [{"name": "provenpackager"}, {"name": "robotics-sig"}, {"name": "packager"}, {"name": "gitfpaste"}, {"name": "fedora-contributor"}, {"name": "freemedia"}, {"name": "ask-fedora"}, {"name": "scitech_sig"}, {"name": "signed_fpca"}, {"name": "fedora-join"}, {"name": "ipausers"}, {"name": "qa"}, {"name": "gitfedora-tour"}, {"name": "wikiedit"}, {"name": "scitech"}, {"name": "fedorabugs"}, {"name": "neuro-sig"}]}}}, {"karma": 1, "comment_id": 2309500, "bug_id": 2030940, "comment": {"karma": 1, "karma_critpath": 0, "text": "Secure boot works", "timestamp": "2021-12-11 17:45:56", "update_id": 359589, "user_id": 820, "id": 2309500, "testcase_feedback": [], "user": {"name": "thesourcehim", "email": "thesourcehim@gmail.com", "id": 820, "avatar": "https://seccdn.libravatar.org/avatar/365b51e2acf2590c778904c667bec9701bf1d647e31a081645a598849105e2fd?s=24&d=retro", "openid": "thesourcehim.id.fedoraproject.org", "groups": [{"name": "ipausers"}]}}}, {"karma": 0, "comment_id": 2309364, "bug_id": 2030940, "comment": {"karma": 1, "karma_critpath": 0, "text": "", "timestamp": "2021-12-11 13:51:45", "update_id": 359589, "user_id": 4054, "id": 2309364, "testcase_feedback": [], "user": {"name": "boycottsystemd1", "email": "boycottsystemd@yahoo.com", "id": 4054, "avatar": "https://seccdn.libravatar.org/avatar/72822ae5aa82ed9dc6cb7bb35646270744387f81df9ec50d2903e8d4e0bd8691?s=24&d=retro", "openid": "boycottsystemd1.id.fedoraproject.org", "groups": [{"name": "ipausers"}]}}}, {"karma": 0, "comment_id": 2313106, "bug_id": 2030940, "comment": {"karma": 1, "karma_critpath": 0, "text": "WFM", "timestamp": "2021-12-15 01:51:09", "update_id": 359589, "user_id": 5881, "id": 2313106, "testcase_feedback": [], "user": {"name": "geraldosimiao", "email": "geraldo.simiao.kutz@gmail.com", "id": 5881, "avatar": "https://seccdn.libravatar.org/avatar/03fa5b58e8ac78544bf41ad8ecf9ee1920f2ebedb86542c2f4cdf7ef15813168?s=24&d=retro", "openid": "geraldosimiao.id.fedoraproject.org", "groups": [{"name": "qa"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "ambassadors"}, {"name": "fedora-br"}, {"name": "advocates"}, {"name": "respins-sig"}]}}}, {"karma": 0, "comment_id": 2317385, "bug_id": 2030940, "comment": {"karma": 1, "karma_critpath": 0, "text": "", "timestamp": "2021-12-18 02:59:35", "update_id": 359590, "user_id": 5881, "id": 2317385, "testcase_feedback": [], "user": {"name": "geraldosimiao", "email": "geraldo.simiao.kutz@gmail.com", "id": 5881, "avatar": "https://seccdn.libravatar.org/avatar/03fa5b58e8ac78544bf41ad8ecf9ee1920f2ebedb86542c2f4cdf7ef15813168?s=24&d=retro", "openid": "geraldosimiao.id.fedoraproject.org", "groups": [{"name": "qa"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "ambassadors"}, {"name": "fedora-br"}, {"name": "advocates"}, {"name": "respins-sig"}]}}}]}], "updateid": "FEDORA-2021-8dbf0a81c0", "karma": 7, "content_type": "rpm", "test_cases": []}, "can_edit": false, "ci_allowed": false}