Fwupd 2.0.8 Released with Enhanced UEFI Support

Fwupd 2.0.8 introduces new plugins to update UEFI Signature Database and KEK, plus several bug fixes enhancing UEFI and hardware compatibility.

Fwupd 2.0.8 Released with Enhanced UEFI Support

Over a month after its previous 2.0.7 release, Fwupd, an open-source utility designed to make updating firmware on Linux-based systems easier and more automatic, rolled out its new 2.0.8 version. Notably, it brings two key new features while also addressing several important stability issues.

First and foremost, this release introduces the updated UEFI database as a new Hardware Security Interface attribute. In practical terms, it means that the firmware update process can now carry additional metadata, thereby reinforcing firmware integrity and traceability.

On top of that, fwupd 2.0.8 includes two new plugins capable of updating the UEFI Signature Database and the Key Exchange Key. This improvement is especially important for users who regularly deploy firmware updates across multiple systems, as it offers a simpler method to maintain security compliance and reduce the risk of misconfiguration.

Moreover, the fwupd developers have resolved numerous bugs that previously hindered certain operations. In particular, the software now correctly includes “/sys/firmware/efi/efivars” in “ReadWritePaths,” ensuring that all necessary directories are accessible during updates.

In addition, the new version avoids DPAUX IO when the BnR DPCD does not match, eliminating a problematic scenario that caused unexpected behavior in earlier releases. The update also detects Firehose protocol features properly if they are not automatically sent, preventing errors related to device communications.

Some of the other noteworthy bug fixes include improvements to the way fwupd checks for Supermicro hardware and Redfish methods, stricter JSON mode handling that suppresses prompts and messages, and adjustments that reduce critical warnings—such as the one triggered when enumerating DTH135K0C.

Lastly, fwupd now ensures that UEFI capsule updates are limited to UEFI-capable architectures, preventing unsupported devices from attempting an incompatible procedure. Additional refinements include better handling of lowercase directory names during ESP checks and a more precise method of setting the version format for offline installations via fwupdtool.

For more details on all novelties, see the changelog.

Bobby Borisov

Bobby Borisov

Bobby, an editor-in-chief at Linuxiac, is a Linux professional with over 20 years of experience. With a strong focus on Linux and open-source software, he has worked as a Senior Linux System Administrator, Software Developer, and DevOps Engineer for small and large multinational companies.

Related Posts