Processed: Re: Bug#1032849: unblock: shim/15.7-1 (etc.)
Processing control commands: > tags -1 pending Bug #1032849 [release.debian.org] unblock: shim/15.7-1 (etc.) Added tag(s) pending. -- 1032849: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1032849 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#1032849: unblock: shim/15.7-1 (etc.)
Control: tags -1 pending Hi Steve, On 12-03-2023 19:56, Steve McIntyre wrote: Please unblock our stack of shim and shim-signed packages. As mentioned on IRC, I like to age it one or two days more, but the hints are already in my hints file (commented out), so I'll do that tomorrow or on Tuesday. Paul OpenPGP_signature Description: OpenPGP digital signature
Bug#1032849: unblock: shim/15.7-1 (etc.)
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock X-Debbugs-Cc: debian-...@lists.debian.org Hi! Please unblock our stack of shim and shim-signed packages. We finally have new signed shim binaries and there's a lot of major bugfixes included which cascade down: shim (15.7-1) unstable; urgency=medium * New upstream release fixing more bugs * Add further patches from upstream: + Make sbat_var.S parse right with buggy gcc/binutils + Enable NX support at build time, as required by policy for signing new shim binaries. * Switch to using gcc-12. Closes: #1022180 * Update to Standards-Version 4.6.2 (no changes needed) * Block Debian grub binaries with sbat < 4 (see #1024617) shim-signed (1.39) unstable; urgency=medium * Build against new signed binaries corresponding to 15.7-1 + This syncs up build-deps again. Closes: #1016280 + We now have arm64 signed shims again \o/ Undo the hacky unsigned arm64 build Closes: #1008942, #992073, #991478 Pulls multiple other bugfixes in for the signed version: + Make sbat_var.S parse right with buggy gcc/binutils + Enable NX support at build time, as required by policy for signing new shim binaries. + Fixes argument handling bug with some firmware implementations. Closes: #995940 * Update build-dep on shim-unsigned to use 15.7-1 * Block Debian grub binaries with sbat < 4 (see #1024617) + Update Depends on grub2-common to match. * postinst/postrm: make config_item() more robust * Add pt_BR translation, thanks to Paulo Henrique de Lima Santana. Closes: #1026415 * Tweak dependencies unblock shim/15.7-1 unblock shim-signed/1.39 unblock shim-helpers-amd64-signed/1+15.7+1 unblock shim-helpers-arm64-signed/1+15.7+1 unblock shim-helpers-i386-signed/1+15.7+1