libtss2-udev was part of tpm2-tss when it was MIR+Security reviewed in Disco.
The new tpm-udev package was split out after that review to be re-usable in different places. But the content is exactly what was reviewed: Disco: $ dpkg -L libtss2-udev /. /lib /lib/udev /lib/udev/rules.d /lib/udev/rules.d/60-libtss2-udev.rules /usr /usr/share /usr/share/doc /usr/share/doc/libtss2-udev /usr/share/doc/libtss2-udev/changelog.Debian.gz /usr/share/doc/libtss2-udev/copyright /var /var/lib /var/lib/tpm $ md5sum /lib/udev/rules.d/60-libtss2-udev.rules 29b0b97d7fbee510da26feb36f5222e5 /lib/udev/rules.d/60-libtss2-udev.rules Focal: $ dpkg -L tpm-udev /. /lib /lib/udev /lib/udev/rules.d /lib/udev/rules.d/60-tpm-udev.rules /usr /usr/share /usr/share/doc /usr/share/doc/tpm-udev /usr/share/doc/tpm-udev/changelog.gz /usr/share/doc/tpm-udev/copyright /var /var/lib /var/lib/tpm $ md5sum /lib/udev/rules.d/60-tpm-udev.rules 29b0b97d7fbee510da26feb36f5222e5 /lib/udev/rules.d/60-tpm-udev.rules See that even the md5 on the rules is the same that was reviewed in https://bugs.launchpad.net/ubuntu/+source/tpm2-tss/+bug/1841595/comments/6 already. The changes since then are in the postinst (as that is its main function). That covers: - mark libtss2-udev Multi-Arch: foreign (Closes: #941146) - call udevadm trigger after installing libtss2-udev (Closes: #940642) - /var/lib/tpm/ not owned by tss user/group (Closes: #940643) All of these seem right and not security critical (well the last is even an improvement). Therefore since all the content was actually already reviewed and the packaging on this seems to be fine as well IMHO we can fast-path this to the same approved state as the base MIR in bug 1841595. MIR - ack Security - no review needed (not again) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1852347 Title: [MIR] tpm-udev To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/tpm-udev/+bug/1852347/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
