{"affected":[{"ecosystem_specific":{"binaries":[{"shim":"15+git47-12.5.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server 11 SP4-LTSS","name":"shim","purl":"pkg:rpm/suse/shim&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4-LTSS"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"15+git47-12.5.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for shim fixes the following issues:\n\nUpdate to the unified shim binary from SUSE Linux Enterprise 15-SP1 (bsc#1168994)\n\nThis update addresses the 'BootHole' security issue (master CVE CVE-2020-10713), by\ndisallowing binaries signed by the previous SUSE UEFI signing key from booting.\n\nThis update should only be installed after updates of grub2, the Linux kernel and (if used)\nXen from or after July / August 2020 are applied.\n\nAlso fixed:\n\n+ shim-install: install MokManager to \\EFI\\boot to process the pending MOK request (bsc#1175626, bsc#1175656)\n\n","id":"SUSE-SU-2020:14490-1","modified":"2020-09-15T08:20:58Z","published":"2020-09-15T08:20:58Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2020/suse-su-202014490-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1168994"},{"type":"REPORT","url":"https://bugzilla.suse.com/1175626"},{"type":"REPORT","url":"https://bugzilla.suse.com/1175656"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2020-10713"}],"related":["CVE-2020-10713"],"summary":"Security update for shim","upstream":["CVE-2020-10713"]}