Public bug reported:
[ Impact ]
* On UEFI platforms, sbverify is used by linux-signed packaging to
check correctness of signing (to ensure that kernel was not signed with
a revoked key by accident).
* Some signed packages are missing such build dependency on arm64
platforms.
[ Test Plan ]
* Check linux-signed package build-log and ensure that sbverify calls
do not result in command not found, but instead correctly check and
reject verification against revoked certs.
[ Where problems could occur ]
* sbverify is available on all uefi platforms
[ Other Info ]
* All other packages have correct dependency.
** Affects: linux-signed-gcp (Ubuntu)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux-signed-gcp in Ubuntu.
https://bugs.launchpad.net/bugs/2004010
Title:
Missing sbsigntool build-dependency
Status in linux-signed-gcp package in Ubuntu:
New
Bug description:
[ Impact ]
* On UEFI platforms, sbverify is used by linux-signed packaging to
check correctness of signing (to ensure that kernel was not signed
with a revoked key by accident).
* Some signed packages are missing such build dependency on arm64
platforms.
[ Test Plan ]
* Check linux-signed package build-log and ensure that sbverify calls
do not result in command not found, but instead correctly check and
reject verification against revoked certs.
[ Where problems could occur ]
* sbverify is available on all uefi platforms
[ Other Info ]
* All other packages have correct dependency.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux-signed-gcp/+bug/2004010/+subscriptions
--
Mailing list: https://launchpad.net/~kernel-packages
Post to : [email protected]
Unsubscribe : https://launchpad.net/~kernel-packages
More help : https://help.launchpad.net/ListHelp