shim-16.0-rc1
Pre-release
Pre-release
·
53 commits
to main
since this release
What's Changed
- Validate that a supplied vendor cert is not in PEM format by @steve-mcintyre in #646
- sbat: Add grub.peimage,2 to latest (CVE-2024-2312) by @julian-klode in #651
- sbat: Also bump latest for grub,4 (and to todays date) by @julian-klode in #653
- undo change that limits certificate files to a single file by @jsetje in #659
- shim: don't set second_stage to the empty string by @jjd27 in #640
- Fix SBAT.md for today's consensus about numbers by @aronowski in #672
- Update Code of Conduct contact address by @aronowski in #683
- make-certs: Handle missing OpenSSL installation by @aronowski in #595
- Update MokVars.txt by @mikebeaton in #598
- export DEFINES for sub makefile by @bryteise in #600
- Drop unused EFI_IMAGE_SECURITY_DATABASE_GUID definition by @vittyvk in #609
- Null-terminate 'arguments' in fallback by @vittyvk in #611
- Fix "Verifiying" typo in error message by @chrisbainbridge in #706
- Update Fedora CI targets by @vathpela in #708
- Force gcc to produce DWARF4 so that gdb can use it by @mikebeaton in #607
- Minor housekeeping 2024121700 by @vathpela in #709
- Discard load-options that start with WINDOWS by @Metabolix in #621
- Fix the issue that the gBS->LoadImage pointer was empty. by @15058718379 in #703
- shim: Allow data after the end of device path node in load options by @dbnicholson in #694
- Handle network file not found like disks by @dbnicholson in #695
- Update gnu-efi submodule for EFI_HTTP_ERROR by @vathpela in #674
- Increase EFI file alignment by @lumag in #673
- avoid EFIv2 runtime services on Apple x86 machines by @eduardacatrinei in #690
- Improve shortcut performance when comparing two boolean expressions by @dennis-tseng99 in #667
- Provide better error message when MokManager is not found by @rmetrich in #663
- tpm: Boot with a warning if the event log is full by @kukrimate in #657
- MokManager: remove redundant logical constraints by @xypron in #409
- Test import_mok_state() when MokListRT would be bigger than available size by @vathpela in #417
- test-mok-mirror: minor bug fix by @vathpela in #715
- Fix file system browser hang when enrolling MOK from disk by @miczyg1 in #622
- Ignore a minor clang-tidy nit by @vathpela in #716
- Allow fallback to default loader when encountering errors on network boot by @nathan-omeara in #666
- test.mk: don't use a temporary random.bin by @vathpela in #718
- pe: Enhance debug report for update_mem_attrs by @jongwu in #594
- Multiple certificate handling improvements by @rosslagerwall in #644
- Generate SbatLevel Metadata from SbatLevel_Variable.txt by @jsetje in #711
- Apply EKU check with compile option by @dennis-tseng99 in #664
- Add configuration option to boot an alternative 2nd stage by @esnowberg in #608
- Loader protocol (with Device Path resolution support) by @kukrimate in #656
- netboot cleanup for additional files by @jsetje in #686
- Document how revocations can be delivered by @jsetje in #722
- post-process-pe: add tests to validate NX compliance by @vathpela in #705
- regression: CopyMem() in ad8692e copies out of bounds by @jsetje in #725
- Save the debug and error logs in mok-variables by @vathpela in #726
- Add features for the Host Security ID program by @vathpela in #660
- Mirror some more efi variables to mok-variables by @vathpela in #723
- This adds DXE Services measurements to HSI and uses them for NX by @vathpela in #724
- Add shim's current NX_COMPAT status to HSIStatus by @vathpela in #727
- README.tpm: reflect that vendor_db is in fact logged as "vendor_db" by @jsetje in #728
- Reject HTTP message with duplicate Content-Length header fields by @dennis-tseng99 in #637
- Disable log saving by @vathpela in #729
- fallback: don't add new boot order entries backwards by @vathpela in #730
New Contributors
- @jjd27 made their first contribution in #640
- @mikebeaton made their first contribution in #598
- @bryteise made their first contribution in #600
- @vittyvk made their first contribution in #609
- @chrisbainbridge made their first contribution in #706
- @Metabolix made their first contribution in #621
- @15058718379 made their first contribution in #703
- @dbnicholson made their first contribution in #694
- @lumag made their first contribution in #673
- @eduardacatrinei made their first contribution in #690
- @kukrimate made their first contribution in #657
- @miczyg1 made their first contribution in #622
- @nathan-omeara made their first contribution in #666
- @jongwu made their first contribution in #594
- @rosslagerwall made their first contribution in #644
Full Changelog: 15.8...16.0-rc1
Contributors
bryteise, lumag, and 22 other contributors