Missing sbsigntool build-dependency
Bug #2004010 reported by
Dimitri John Ledkov
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
linux-signed-gcp (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned |
Bug Description
[ Impact ]
* On UEFI platforms, sbverify is used by linux-signed packaging to check correctness of signing (to ensure that kernel was not signed with a revoked key by accident).
* Some signed packages are missing such build dependency on arm64 platforms.
[ Test Plan ]
* Check linux-signed package build-log and ensure that sbverify calls do not result in command not found, but instead correctly check and reject verification against revoked certs.
[ Where problems could occur ]
* sbverify is available on all uefi platforms
[ Other Info ]
* All other packages have correct dependency.
To post a comment you must log in.
This bug was fixed in the package linux-signed-gcp - 5.15.0-1030.37
---------------
linux-signed-gcp (5.15.0-1030.37) jammy; urgency=medium
* Master version: 5.15.0-1030.37
* Missing sbsigntool build-dependency (LP: #2004010)
- [Packaging] Add sbsigntool build-dependcy on all arches
* SIGNEDv3: add a linux-generate ancillary package (LP: #1989705)
- [Packaging] convert to v3.1 autogen form
* Miscellaneous Ubuntu changes
- debian/tracking-bug -- update from master
-- Thadeu Lima de Souza Cascardo <email address hidden> Tue, 14 Feb 2023 15:43:03 -0300