SCIENTIFIC-LINUX-ERRATA Archives

August 2020

SCIENTIFIC-LINUX-ERRATA@LISTSERV.FNAL.GOV
Options: Use Monospaced Font
Show Text Part by Default
Show All Mail Headers

Message: [<< First] [< Prev] [Next >] [Last >>]
Topic: [<< First] [< Prev] [Next >] [Last >>]
Author: [<< First] [< Prev] [Next >] [Last >>]

Print Reply
Subject:
Updating Scientific Linux 7 Secure Boot key
From:
Patrick Riehecky <[log in to unmask]>
Reply To:
Patrick Riehecky <[log in to unmask]>
Date:
Fri, 21 Aug 2020 18:17:26 +0000
Content-Type:
multipart/mixed
Parts/Attachments:
text/plain (3256 bytes) , SECURE-BOOT-KEY-fnal-sl7-exp-2023-09-27.der (1545 bytes) 
-----BEGIN PGP SIGNED MESSAGE-----


Hash: SHA1





Attention all Scientific Linux users of Secure Boot:





A new SECURE BOOT key for Scientific Linux 7 will be used starting


August 26 2020.  The existing key expires on the same day.





The new key is published at





http://ftp.scientificlinux.org/linux/scientific/7x/x86_64/os/SECURE-BOOT-KEY-fnal-sl7-exp-2023-09-27





in DER format[2].





A new grub2, shim, fwupd, and kernel will be issued along with the


first errata requiring this key.





For more information on Scientific Linux 7 and Secure Boot please


review our release notes[1].





UEFI SECURE BOOT users should validate the new certificate and load it


at this time[1].





Thanks,





The Scientific Linux Team





[1]


http://ftp.scientificlinux.org/linux/scientific/7x/x86_64/release-notes/#_about_uefi_secure_boot





[2] A PEM formatted version of the certificate is provided here as


well:


- -----BEGIN CERTIFICATE-----


MIIF3jCCBMagAwIBAgIQAkyHL6S+kt/bvsNMzNB9rjANBgkqhkiG9w0BAQsFADBs


MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3


d3cuZGlnaWNlcnQuY29tMSswKQYDVQQDEyJEaWdpQ2VydCBFViBDb2RlIFNpZ25p


bmcgQ0EgKFNIQTIpMB4XDTIwMDgyMTAwMDAwMFoXDTIzMDkyNzEyMDAwMFowgd8x


EzARBgsrBgEEAYI3PAIBAxMCVVMxGjAYBgNVBA8MEUdvdmVybm1lbnQgRW50aXR5


MRowGAYDVQQFExFHb3Zlcm5tZW50IEVudGl0eTELMAkGA1UEBhMCVVMxETAPBgNV


BAgTCElsbGlub2lzMRAwDgYDVQQHEwdCYXRhdmlhMS4wLAYDVQQKEyVGZXJtaSBO


YXRpb25hbCBBY2NlbGVyYXRvciBMYWJvcmF0b3J5MS4wLAYDVQQDEyVGZXJtaSBO


YXRpb25hbCBBY2NlbGVyYXRvciBMYWJvcmF0b3J5MIIBIjANBgkqhkiG9w0BAQEF


AAOCAQ8AMIIBCgKCAQEAoEFaNBWGiocZ84lCRkcOJedpNwnY6wRRkC4f6D+yZcVn


rJVRdVfgMomX7RG3r+bFXZh3TDgA0snfIHDSDDoXRDKsHmJ5r/UDomK1X5tkso6h


GhNuwNVR/fzNiq8MzomJJK3JW75t6+6sz2mgTUuxL+VyTLIFzMl4gUL1b7H5/c8T


AtaY76NgzZrpiPXVL0BeR/Qm3+KkP21zbBpwdT3pBY88E3TOLVMxUJyjD78ENLPj


O4kzlPVjYCywqmIs1KXDMpcToZexm84EuLFY9r9Pn8UJa8RtKSIh8J9q8CaeN6uY


HYMb6LspvrvZuJmw2cKWazqwD/Cw8QkNim0qWbuKaQIDAQABo4ICBjCCAgIwHwYD


VR0jBBgwFoAUj+h+8G0yagAFI8dwl2o6kP9r6tQwHQYDVR0OBBYEFMWhIriHBCEd


zqnfBeRYMaW/OKSDMEMGA1UdEQQ8MDqgOAYIKwYBBQUHCAOgLDAqDChVUy1GRVJN


SSBOQVRJT05BTCBBQ0NFTEVSQVRPUiBMQUJPUkFUT1JZMA4GA1UdDwEB/wQEAwIH


gDATBgNVHSUEDDAKBggrBgEFBQcDAzB7BgNVHR8EdDByMDegNaAzhjFodHRwOi8v


Y3JsMy5kaWdpY2VydC5jb20vRVZDb2RlU2lnbmluZ1NIQTItZzEuY3JsMDegNaAz


hjFodHRwOi8vY3JsNC5kaWdpY2VydC5jb20vRVZDb2RlU2lnbmluZ1NIQTItZzEu


Y3JsMEsGA1UdIAREMEIwNwYJYIZIAYb9bAMCMCowKAYIKwYBBQUHAgEWHGh0dHBz


Oi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwBwYFZ4EMAQMwfgYIKwYBBQUHAQEEcjBw


MCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20wSAYIKwYBBQUH


MAKGPGh0dHA6Ly9jYWNlcnRzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEVWQ29kZVNp


Z25pbmdDQS1TSEEyLmNydDAMBgNVHRMBAf8EAjAAMA0GCSqGSIb3DQEBCwUAA4IB


AQBw5qkUbY9rDpngiwvSqp9ArNbDFV5mEmgjbwuQsrvHn6YVOxwmCQKhcmrMeUk7


UA+KAbRSbLdU+cdANKXJb7ULckrE7HO/cQkNYp7DXutamr8/KTtmtTa1ykf7XiFx


5E02ZZStBtKRApyCgWVndkYxRFdxuS9iF6SWt3Qcxy+yPkJQbwzhnKBXCQHkLbsx


1S2aKuZe55zqOj3LOxZFrL468dVvhxkhFbHHWjGXJwpmGYfhINTK/Wilvt3zaBAW


Ppc7RmkFb+KbX31pexkHbl9OC9IPxuXQuBAraqDBll7mvmx9CPQn8yKyJkOaNKDo


hwe+cMb58gPKjxydEv8ZvFpf


- -----END CERTIFICATE-----























-----BEGIN PGP SIGNATURE-----


Version: GnuPG v2.0.22 (GNU/Linux)





iEYEARECAAYFAl9ADUAACgkQsLQYPxkqfX3rzACfcUhrZOEeY8mgVxr9nXHjOiVu


ifwAmwQEaMVtgrqF+w/6FVVYbDR1ieoZ


=EpGc


-----END PGP SIGNATURE-----

ATOM RSS1 RSS2