[MIR] gcab
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
appstream-glib (Ubuntu) |
Fix Released
|
Low
|
Unassigned | ||
gcab (Ubuntu) |
Fix Released
|
High
|
Unassigned |
Bug Description
Availability: builds for all architectures
Rationale: This package is a new build dependency for Appstream-glib to support parsing cab files. Appstream-glib is a dependency for fwupd which provides an end user manager for Firmware updates distributed as UEFI capsules encapsulated in .CAB files. Linux friendly vendors will start shipping BIOS updates in UEFI capsules and this effort is to support being able to use them in Ubuntu.
QA:
* No extra work is needed to configure the package after installation
* No debconf questions are asked
* Has a debian/watch file
* All dependencies and build dependencies are in main
Open bugs:
Debian: none (as of 7/15)
https:/
Ubuntu: none (as of 7/15)
https:/
Security:
* Has had 1 CVE in CVE tracker. It was resolved within 2 days in Debian. Upstream had no concerns with accepting the patch.
https:/
Changed in gcab (Ubuntu): | |
status: | Confirmed → Triaged |
importance: | Undecided → High |
tags: | added: gnome-software-ubuntu |
Changed in gcab (Ubuntu): | |
importance: | High → Critical |
Packaging wise, gcab is good. No delta, symbols file, no open bugs.
It does need a team bug subscriber in Ubuntu though, for the team that will look after it.
I'm also going to pass to the security team for a quick look, since this reads binary file formats and deals with firmware (and has had a recent CVE).