Announcement

**claydoh** · 2025-06-20T06:26:41

Do you dual boot Windows and/or use Secure Boot? If so, you probably want it. You'd likley see this as part of a Windows update as well.
If you don't, it isn't necessary, but isn't harmful, or shoudn't be.
I don't use secure boot but I do install these when offered, because I'll never know if I'll still have a particular system, and don't want the next person dealing with outdated lists mucking around with an OS install.
If you don't want to see this, disable the firmware update option in Discover.
Note that these do not come from Ubuntu, but via LVFS and fwudmgr

**Qqmike** · 2025-06-20T13:48:26

I guess I don't really need that package, UEFI dbx. But Discover offers it as an update.
For kicks, I allowed it to be checked off by Discover and installed, and an immediate restart was required.
This happens every time for the past 3 updates!
Synaptic says it is not installed, though it should be if, in fact, Discover did install it.
But Synaptic might not pick it up since it's not in repos, right?
I'll dig up the command to check, though it doesn't matter.
I don't really care, I'm just messing with it, but something seems amiss here!

**claydoh** · 2025-06-20T14:14:13

Originally posted by Qqmike View Post

Synaptic says it is not installed, though it should be if, in fact, Discover did install it.

It isn't being installed by apt at all, nor is it from Ubuntu. Discover is pulling this via fwupmgr, using firmware files supplied by hardware and related vendors from LVFS.

Gnome iirc has a similar functionality in Gnome-Software, and these firmware updates aren't distro specific at all. Everyone has been getting them over a number of months.

**Qqmike** · 2025-06-20T21:00:29

Actually, Discover (-> Installed Files) indicates that it has been installed on my system.
Not sure why it keeps popping up under "Updates" for the past few days, each requiring a re-boot.
Not that it matters b/c I don't have secure boot/Windows.

**claydoh** · 2025-06-21T01:27:24

It may be that the firmware is actually failing to install or that the UEFI firmware is not reporting the updated dbx? It seems to be possibly be doing this for some, who have secure-boot disabled.
I do, on both my systems, but had no issues, so this may be board-specific.
You could try using fwupmgr directly to view any error messages, or j(easier) just disable the firmware update options in Discover's settings.

**Qqmike** · 2025-06-21T02:30:49

just disable the firmware update options in Discover's settings.

Yes, I think that's the best idea! I only played with it awhile to see what's going on. I did google dbx and saw that it wasn't really relevant on my system.
Thanks.

Announcement

Should UEFI dbx be installed?

Should UEFI dbx be installed?

Comment

Comment

Comment

Comment

Comment

Comment

Users Viewing This Topic