From 590cb50577299625012d502ac1e89f0ff58048eb Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Fabian=20Gr=C3=BCnbichler?= <f.gruenbichler@proxmox.com>
Date: Mon, 24 Nov 2025 10:04:33 +0100
Subject: [PATCH] sbat: bump for November Grub CVEs
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

while this are not major vulnerabilities, we still need an SBAT bump to allow
referencing and revoking them on their own.

since the main grub level is bumped, we can drop the .proxmox one.

Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
---
 SbatLevel_Variable.txt | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/SbatLevel_Variable.txt b/SbatLevel_Variable.txt
index cae0e0a4c..2b1f3f10b 100644
--- a/SbatLevel_Variable.txt
+++ b/SbatLevel_Variable.txt
@@ -132,3 +132,10 @@ sbat,1,2025051000
 shim,4
 grub,5
 grub.proxmox,2
+
+Revocations for:
+ - November 2025 grub CVEs (CVE-2025-54770/54771, CVE-2025-61661/61662/61663/61664)
+
+sbat,1,2025112400
+shim,4
+grub,6