Change logs for shim-signed source package in Noble

shim-signed (1.58) noble; urgency=medium

  * Prevent postinst failing when broken grub-common was previously
    installed(LP: #2056562)

 -- Mate Kukri <email address hidden>  Thu, 04 Apr 2024 13:39:00 +0100

shim-signed (1.57) mantic; urgency=medium

  * New upstream version 15.8 (LP: #2051151):
    - pe: Align section size up to page size for mem attrs (LP: #2036604)
    - SBAT level: shim,4
    - SBAT policy:
      - Latest: "shim,4\ngrub,3\ngrub.debian,4\n"
      - Automatic: "shim,2\ngrub,3\ngrub.debian,4\n"
      - Note that this does not yet revoke pre NTFS CVE fix GRUB binaries.
  * SECURITY UPDATE: a bug in an error message [LP: #2051151]
    - mok: fix LogError() invocation
    - CVE-2023-40546
  * SECURITY UPDATE: out-of-bounds write and UEFI Secure Boot bypass
    when booting via HTTP [LP: #2051151]
    - avoid incorrectly trusting HTTP headers
    - CVE-2023-40547
  * SECURITY UPDATE: out-of-bounds write and possible bug [LP: #2051151]
    - Fix integer overflow on SBAT section size on 32-bit system
    - CVE-2023-40548
  * SECURITY UPDATE: out-of-bounds read and possible bug [LP: #2051151]
    - Authenticode: verify that the signature header is in bounds.
    - CVE-2023-40549
  * SECURITY UPDATE: out-of-bounds read and possible bug [LP: #2051151]
    - pe: Fix an out-of-bound read in verify_buffer_sbat()
    - CVE-2023-40550
  * SECURITY UPDATE: out-of-bounds read and possible bug [LP: #2051151]
    - pe-relocate: Fix bounds check for MZ binaries
    - CVE-2023-40551
  * Makefile: Add option for building without an externally signed shim

 -- Mate Kukri <email address hidden>  Thu, 29 Feb 2024 10:26:43 +0000

shim-signed (1.56) mantic; urgency=medium

  * Drop --auto-nvram from grub-multi-install call (LP: #2037185)

 -- Julian Andres Klode <email address hidden>  Wed, 04 Oct 2023 18:54:03 +0200