I clicked my encrypted drive in Dolphin and entered my password. Then dropped to the console and did ls /dev/mapper then shutdown - h now.Hello,As far as I know, the Debian Live ISO does not change anything in the system it is booted from. Unless you have done something else.To save me disabling secure boot to do some maintenance whilst root was unmounted I booted Debian-12.7 live KDE desktop image on a Devuan system (Bookworm 12).
To my surprise it has had the exact same affect as the Windows update. I guess I now need to wait for the Debian update to my main OS too. I guess Debian should update the shim in the repos before the .iso?
My guess is that a shim carries revocations that updated my local list as it was signed correctly which is pretty cool but problematic, if you have multiple boot systems like isos or multiple Linux. I only have Devuan installed so I shall just disable secure boot for booting recovery disks in future. Though I guess it shouldn't happen too often.
mokutil --list-sbat-revocations
gives
sbat,1,2024010900
shim,4
grub,3
grub.debian,4
Statistics: Posted by kevlar7007 — 2024-09-10 21:45