Package: fwupd Version: 1.2.5-2 Severity: important Dear Maintainer,
I'm quoting from https://blogs.gnome.org/hughsie/2019/12/11/improving-the-security-model-of-the-lvfs/ [...] > Most people should be running fwupd 1.3.x, which is the latest and > greatest branch of fwupd. I appreciate some LTS distros can’t rebase > to a newer minor version, and so for old versions of fwupd I’ve > backported the fix. These are the fixes you want if you’re running > 0.9.x, 1.0.x, 1.1.x or 1.2.x[1]. > > I’ll make the vendor-id a hard requirement for all vendors in about 6 > months time, so if you maintain a distro packaged version of fwupd you > have that much time before some updates will stop working. If anyone > has comments or concerns, please let me know. It thus seems like it would be a good idea to prepare a stable update of fwupd including (atleast): [1]: https://github.com/fwupd/fwupd/commit/004a0624d05211e8436060bb7af6b0c6f2d805a3 Regards, Andreas Henriksson