-
Notifications
You must be signed in to change notification settings - Fork 2
/
DBXUpdate-20230509.x64.metainfo.xml
54 lines (54 loc) · 2.22 KB
/
DBXUpdate-20230509.x64.metainfo.xml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
<?xml version="1.0" encoding="UTF-8"?>
<!-- Copyright 2022 Richard Hughes <richard@hughsie.com> -->
<component type="firmware">
<id>org.linuxfoundation.dbx.x64.firmware</id>
<name>Secure Boot dbx</name>
<name_variant_suffix>x64</name_variant_suffix>
<summary>UEFI Secure Boot Forbidden Signature Database</summary>
<description>
<p>
Updating the UEFI dbx prevents starting EFI binaries with known security issues.
</p>
</description>
<provides>
<!-- Microsoft Corporation KEK CA 2011 -
UEFI\CRT_A1117F516A32CEFCBA3F2D1ACE10A87972FD6BBE8FE0D0B996E09E65D802A503&ARCH_X64 -->
<firmware type="flashed">f8ba2887-9411-5c36-9cee-88995bb39731</firmware>
</provides>
<url type="homepage">https://uefi.org/revocationlistfile</url>
<metadata_license>CC0-1.0</metadata_license>
<project_license>proprietary</project_license>
<developer_name>Microsoft Corporation</developer_name>
<releases>
<!-- for the version use `fwupdtool firmware-parse DBXUpdate-20230509.x64.bin efi-signature-list` -->
<release urgency="high" version="371" date="2023-05-09">
<checksum filename="DBXUpdate-20230509.x64.bin" target="content"/>
<checksum type="sha256" target="device">13a1f37bedfb5417b6b737e2a3816c8fd587d74d836914b2b2edc9fd6ca30e58</checksum>
<description>
<p>
Insecure versions of the Microsoft Windows boot manager affected by Black Lotus were
added to the list of forbidden signatures due to a discovered security problem.
This updates the dbx to the latest release from Microsoft.
</p>
<p>
Before installing the update, fwupd will check for any affected executables
in the ESP and will refuse to update if it finds any boot binaries signed
with any of the forbidden signatures.
</p>
</description>
<issues>
<issue type="cve">CVE-2022-21894</issue>
</issues>
</release>
</releases>
<requires>
<id compare="ge" version="1.8.14">org.freedesktop.fwupd</id>
</requires>
<custom>
<value key="LVFS::UpdateProtocol">org.uefi.dbx</value>
<value key="LVFS::VersionFormat">number</value>
</custom>
<categories>
<category>X-Configuration</category>
</categories>
</component>