Shim15.8 RPM availability for Rocky Linux 8 to fix CVE-2023-40546 CVE-2023-40547 CVE-2023-40548 CVE-2023-40549 CVE-2023-40550 CVE-2023-40551

Hi Team,
SHIM released 15.8 addressing 7 CVEs (1 with critical score of 9.8 CVE-2023-40547)
When can we expect x86_64 RPM.

I’ll defer to @Sherif for a more detailed answer.

While I understand there are CVE’s involved with this shim release, the reality is that it’s not as easy as just updating the rpm and moving on. When it comes to shim, we have to produce unsigned binaries to then be signed upstream. This has never been a fast process. With 15.8 coming out, there are other changes that have to be made for ours to be approved, as far as I know. There is no ETA at this time.

Like I said, I’ll defer to Sherif for a better answer.

1 Like

As @nazunalika mentioned, we currently have no ETA, we will have to go through the whole process of shim review then get the shim signed by Microsoft, we are working on preparing the shim review within few days hopefully.