[MIR] ubuntu-image
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
pyparted (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned | ||
ubuntu-image (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned |
Bug Description
livecd-rootfs now depends on ubuntu-image, which therefore should be promoted to main.
ubuntu-image is maintained by the Ubuntu Foundations team as upstream. The package already has an SRU exception, <https:/
autopkgtests and upstream CI are in place for this package.
foundations-bugs is subscribed to the package and there is no CVE history. The software interacts with local files as a non-privileged user and presents a narrow security attack surface. It delegates security-sensitive operations (cryptographic verification, etc) to 'snap prepare-image' from the snapd package, already in main.
ubuntu-image also pulls in pyparted as a dependency. pyparted is a thin wrapper around libparted, already in main. It is in sync with Debian from 14.04 on and has no open bug reports in Debian; the only bug reports open in Ubuntu are those reported by the ubuntu-image team. Upstream project: https:/
No security issues reported at http://
I am pre-promoting these packages in order to unblock migration of livecd-rootfs and automated image building for artful.