Wednesday, July 29, 2020

[opensuse-announce] Heads up: "BootHole" security issue

Hi folks,

Researchers from Eclypsium just published a new vulnerability in grub2 called
"BootHole".

We put a highlevel view in a blog:
https://www.suse.com/c/suse-addresses-grub2-secure-boot-issue/

and our TID:
https://www.suse.com/support/kb/doc/?id=000019673

The points in there apply the same way to openSUSE.

For openSUSE Leap 15.2, Lubos and I plan a "fall" respin of the DVD
media that continue to boot in updated UEFI secure boot scenarios

openSUSE Maintenance and Security work will now commence on this issue,
we will be publishing grub2 and other updates in the next days and also
do the signing key rotation before this.

Ciao, Marcus

No comments:

Post a Comment