- shim-signed-common (>= 1.44~1+deb11u1+15.8-1~deb11u1)
- grub-efi-arm64-bin
- shim-helpers-arm64-signed (>= 1+15.8+1~deb11u1)
- grub2-common (>= 2.06-3~deb11u6)
This package provides a minimalist boot loader which allows verifying
signatures of other UEFI binaries against either the Secure Boot DB/DBX or
against a built-in signature database. Its purpose is to allow a small,
infrequently-changing binary to be signed by the UEFI CA, while allowing
an OS distributor to revision their main bootloader independently of the CA.
.
NOTICE: This package used to contain the version of the bootloader
binary signed by the Microsoft UEFI CA, but significant toolchain
problems on arm64 have made it impossible to reliably build a safe
arm64 shim for now. See
https://wiki.debian.org/SecureBoot#arm64_problems for more
information. In the hope that we can resolve these problems soon, for
now this package instead contains another copy of the *unsigned* shim
on arm64 to maintain package dependencies.
Installed Size: 906.2 kB
Architectures: amd64 arm64