Bug 18389

Summary: "no shim lock protocol" prevent booting windows 10 kernel
Product: Mageia Reporter: Guillaume Rousse <guillomovitch>
Component: RPM PackagesAssignee: Thierry Vignaud <thierry.vignaud>
Status: RESOLVED FIXED QA Contact:
Severity: normal    
Priority: Normal CC: marja11, tmb, zen25000
Version: Cauldron   
Target Milestone: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Source RPM: grub2 CVE:
Status comment:

Description Guillaume Rousse 2016-05-07 00:15:04 CEST
Since latest change (and syncing with Fedora patches), I can't boot anymore into Windows. It seems to be related with the line 117 of this patch, when secure boot is disabled:
http://pkgs.fedoraproject.org/cgit/rpms/grub2.git/tree/0070-Add-secureboot-support-on-efi-chainloader.patch

Suze has a private bug report and a patch, extractable from their latest source package, for this issue, announced in this security advisory:
http://lists.suse.com/pipermail/sle-security-updates/2015-December/001770.html

Unfortunately, I've been unable to compile our grub package once this patch applied :/
Comment 1 Marja Van Waes 2016-05-07 08:23:15 CEST
please test whether grub2 from updates_testing is better, see bug 18380

CC: (none) => marja11, zen25000
Assignee: bugsquad => thierry.vignaud

Comment 2 Barry Jackson 2016-05-07 12:53:53 CEST
(In reply to Guillaume Rousse from comment #0)
> 
> Unfortunately, I've been unable to compile our grub package once this patch
> applied :/

That CVE was fixed in http://svnweb.mageia.org/packages?view=revision&revision=910713 with a Fedora patch which is still applied in our builds.
Comment 3 Thomas Backlund 2016-05-07 18:15:16 CEST
fixed in  grub2-2.02-0.git10270.8.mga6 currently building

Status: NEW => RESOLVED
CC: (none) => tmb
Resolution: (none) => FIXED