Secure boot issues fixed in upstream with shim 15.5 Rocky 8.6 still has shim 15.4

The upstream 8.6 release included shim version 15.5-2. It looks like that in part addresses some secure boot issues, including things like the inability to sign kernel modules on VMWare instances with secure boot enabled.

Red Hat bug:

See Rocky Linux 8.5 Secure Boot Error

And Rocky Linux 8.5 UEFI Secure Boot Key problem on VMware

for users of Rocky Linux affected by this.

I’m still showing shim version 15.4-2 in my Rocky 8.6 updated system. Is that because there is a delay getting the signature in place?

It’s possible I’m missing something. Is there an expected timeframe for shim 15.5 in Rocky Linux?

The shim has to be signed by Microsoft. Shim 15.5 for Rocky Linux 8 "ia32/x64" · Issue #234 · rhboot/shim-review · GitHub

Perfect! Thanks so much. I hadn’t been able to dine that during my searching.