| 2020-09-10 12:07:32 |
Dave Jones |
bug |
|
|
added bug |
| 2020-09-10 12:07:42 |
Dave Jones |
bug |
|
|
added subscriber MIR approval team |
| 2020-09-15 14:42:10 |
Christian Ehrhardt |
rpi-eeprom (Ubuntu): assignee |
|
Christian Ehrhardt (paelzer) |
|
| 2020-09-16 10:31:16 |
Christian Ehrhardt |
bug task added |
|
raspberrypi-userland (Ubuntu) |
|
| 2020-09-16 10:31:34 |
Christian Ehrhardt |
description |
[Availability]
The package is in proposed, pending a correction to Architecture to permit it to migrate to multiverse (LP: #1884748).
[Rationale]
The package is required for updating the boot EEPROM on the Raspberry Pi 4.
[Security]
I am not aware of any open CVEs against the tools in rpi-eeprom.
[Quality assurance]
The package is extensively used upstream on Raspbian, and is obviously actively maintained there. There is no meaningful test suite included in the package, but the contents of the package are regularly exercised in image testing (and boot EEPROM testing).
[UI standards]
Manual pages are included for both utilties included in the package (rpi-eeprom-config and rpi-eeprom-update), but localization is missing from both utilities at present. However, most users will never use these utilities directly. Rather, they are typically launched by a systemd service on boot which automatically applies new versions of the boot EEPROM.
[Dependencies]
The package depends on binutils, python3, and pciutils, all of which are already in main. It also depends on linux-firmware-raspi2 and libraspberrypi-bin which are the subject of other MIRs (LP: #1867813, LP: #1895133).
[Standards compliance]
The package installs its scripts under /usr/bin.
[Maintenance]
The package is maintained by the Ubuntu Foundations team.
[Background information]
As this is a dependency for keeping the boot EEPROM on the Raspberry Pi 4 up to date, the intention is to install this by default in all pi-related images going forward. |
[Availability]
The package is in proposed, pending a correction to Architecture to permit it to migrate to multiverse (LP: #1884748).
[Rationale]
The package is required for updating the boot EEPROM on the Raspberry Pi 4.
[Security]
I am not aware of any open CVEs against the tools in rpi-eeprom.
[Quality assurance]
The package is extensively used upstream on Raspbian, and is obviously actively maintained there. There is no meaningful test suite included in the package, but the contents of the package are regularly exercised in image testing (and boot EEPROM testing).
[UI standards]
Manual pages are included for both utilties included in the package (rpi-eeprom-config and rpi-eeprom-update), but localization is missing from both utilities at present. However, most users will never use these utilities directly. Rather, they are typically launched by a systemd service on boot which automatically applies new versions of the boot EEPROM.
[Dependencies]
The package depends on binutils, python3, and pciutils, all of which are already in main. It also depends on linux-firmware-raspi2 and libraspberrypi-bin which are the subject of other MIRs (LP: #1867813, LP: #1895133).
[Standards compliance]
The package installs its scripts under /usr/bin.
[Maintenance]
The package is maintained by the Ubuntu Foundations team.
[Background information]
As this is a dependency for keeping the boot EEPROM on the Raspberry Pi 4 up to date, the intention is to install this by default in all pi-related images going forward.
---
[Availability]
The package is already in universe.
[Rationale]
The package is depended upon by the new raspi-common seed, for inclusion in all pi related images. The reason for its inclusion in the seed is that the libraspberrypi-bin package provides the vcgencmd and dtoverlay utilities which are both required by rpi-eeprom (the subject of a separate MIR, LP: #1895137) for updating the boot EEPROM on the Raspberry Pi 4.
The libraspberrypi0 package is a dependency of libraspberrypi-bin and both are built from the raspberrypi-userland source package.
[Security]
I am not aware of any open CVEs against the tools in libraspberrypi-bin or the libraries in libraspberrypi0.
It may be worth noting that the -bin package installs a udev rule (in /lib/udev/10-local-rpi.rules) permitting members of the "video" group access to /dev/vchiq, which is required for all the VC related utilities (including vcgencmd, raspivid, and raspistill) to be operated without root privileges.
[Quality assurance]
The package is extensively used upstream on Raspbian, and is obviously actively maintained there. There is no meaningful test suite included in the package, but the contents of the package are regularly exercised in image testing (and boot EEPROM testing).
[UI standards]
I've added manual pages for all the utilities I'm able to, but localization is missing from all utilities at present. However, most users will never use these utilities directly (bar, perhaps, the raspivid and raspistill utilities for the camera module). Instead the most common scenario is that the utilities will be used (invisibly) by other scripts (e.g. rpi-eeprom-update) for maintenance purposes like manipulating the boot EEPROM.
[Dependencies]
As noted above, libraspberrypi-bin depends on libraspberrypi0. It also depends on device-tree-compiler and libc6, both of which are already in main. libraspberrypi0 in turn merely depends on libc6.
[Standards compliance]
The package installs its binaries under /usr/bin, and its libraries under /usr/lib. Upstream does not version their API, so the libraries are unversioned.
[Maintenance]
The package is maintained by the Ubuntu Foundations team.
[Background information]
As noted above, the package is a dependency of the recently added raspi-common seed (https://lists.ubuntu.com/archives/ubuntu-release/2020-September/005086.html). As it is a dependency for keeping the boot EEPROM on the Raspberry Pi 4 up to date, the intention is to install this by default in all pi-related images going forward. |
|
| 2020-09-16 10:32:07 |
Christian Ehrhardt |
raspberrypi-userland (Ubuntu): assignee |
|
Matthias Klose (doko) |
|
| 2020-09-16 10:57:29 |
Ikuya Awashiro |
bug |
|
|
added subscriber Ikuya Awashiro |
| 2020-09-16 11:09:30 |
Christian Ehrhardt |
rpi-eeprom (Ubuntu): assignee |
Christian Ehrhardt (paelzer) |
Ubuntu Security Team (ubuntu-security) |
|
| 2020-09-16 11:09:32 |
Christian Ehrhardt |
rpi-eeprom (Ubuntu): status |
New |
Incomplete |
|
| 2020-09-30 13:39:09 |
Launchpad Janitor |
rpi-eeprom (Ubuntu): status |
Incomplete |
Fix Released |
|
| 2020-09-30 14:18:31 |
Dimitri John Ledkov |
rpi-eeprom (Ubuntu): status |
Fix Released |
Triaged |
|
| 2020-10-07 11:14:40 |
Dimitri John Ledkov |
description |
[Availability]
The package is in proposed, pending a correction to Architecture to permit it to migrate to multiverse (LP: #1884748).
[Rationale]
The package is required for updating the boot EEPROM on the Raspberry Pi 4.
[Security]
I am not aware of any open CVEs against the tools in rpi-eeprom.
[Quality assurance]
The package is extensively used upstream on Raspbian, and is obviously actively maintained there. There is no meaningful test suite included in the package, but the contents of the package are regularly exercised in image testing (and boot EEPROM testing).
[UI standards]
Manual pages are included for both utilties included in the package (rpi-eeprom-config and rpi-eeprom-update), but localization is missing from both utilities at present. However, most users will never use these utilities directly. Rather, they are typically launched by a systemd service on boot which automatically applies new versions of the boot EEPROM.
[Dependencies]
The package depends on binutils, python3, and pciutils, all of which are already in main. It also depends on linux-firmware-raspi2 and libraspberrypi-bin which are the subject of other MIRs (LP: #1867813, LP: #1895133).
[Standards compliance]
The package installs its scripts under /usr/bin.
[Maintenance]
The package is maintained by the Ubuntu Foundations team.
[Background information]
As this is a dependency for keeping the boot EEPROM on the Raspberry Pi 4 up to date, the intention is to install this by default in all pi-related images going forward.
---
[Availability]
The package is already in universe.
[Rationale]
The package is depended upon by the new raspi-common seed, for inclusion in all pi related images. The reason for its inclusion in the seed is that the libraspberrypi-bin package provides the vcgencmd and dtoverlay utilities which are both required by rpi-eeprom (the subject of a separate MIR, LP: #1895137) for updating the boot EEPROM on the Raspberry Pi 4.
The libraspberrypi0 package is a dependency of libraspberrypi-bin and both are built from the raspberrypi-userland source package.
[Security]
I am not aware of any open CVEs against the tools in libraspberrypi-bin or the libraries in libraspberrypi0.
It may be worth noting that the -bin package installs a udev rule (in /lib/udev/10-local-rpi.rules) permitting members of the "video" group access to /dev/vchiq, which is required for all the VC related utilities (including vcgencmd, raspivid, and raspistill) to be operated without root privileges.
[Quality assurance]
The package is extensively used upstream on Raspbian, and is obviously actively maintained there. There is no meaningful test suite included in the package, but the contents of the package are regularly exercised in image testing (and boot EEPROM testing).
[UI standards]
I've added manual pages for all the utilities I'm able to, but localization is missing from all utilities at present. However, most users will never use these utilities directly (bar, perhaps, the raspivid and raspistill utilities for the camera module). Instead the most common scenario is that the utilities will be used (invisibly) by other scripts (e.g. rpi-eeprom-update) for maintenance purposes like manipulating the boot EEPROM.
[Dependencies]
As noted above, libraspberrypi-bin depends on libraspberrypi0. It also depends on device-tree-compiler and libc6, both of which are already in main. libraspberrypi0 in turn merely depends on libc6.
[Standards compliance]
The package installs its binaries under /usr/bin, and its libraries under /usr/lib. Upstream does not version their API, so the libraries are unversioned.
[Maintenance]
The package is maintained by the Ubuntu Foundations team.
[Background information]
As noted above, the package is a dependency of the recently added raspi-common seed (https://lists.ubuntu.com/archives/ubuntu-release/2020-September/005086.html). As it is a dependency for keeping the boot EEPROM on the Raspberry Pi 4 up to date, the intention is to install this by default in all pi-related images going forward. |
= rpi-eeprom =
[Availability]
The package is in proposed, pending a correction to Architecture to permit it to migrate to multiverse (LP: #1884748).
[Rationale]
The package is required for updating the boot EEPROM on the Raspberry Pi 4.
[Security]
I am not aware of any open CVEs against the tools in rpi-eeprom.
[Quality assurance]
The package is extensively used upstream on Raspbian, and is obviously actively maintained there. There is no meaningful test suite included in the package, but the contents of the package are regularly exercised in image testing (and boot EEPROM testing).
[UI standards]
Manual pages are included for both utilties included in the package (rpi-eeprom-config and rpi-eeprom-update), but localization is missing from both utilities at present. However, most users will never use these utilities directly. Rather, they are typically launched by a systemd service on boot which automatically applies new versions of the boot EEPROM.
[Dependencies]
The package depends on binutils, python3, and pciutils, all of which are already in main. It also depends on linux-firmware-raspi2 and libraspberrypi-bin which are the subject of other MIRs (LP: #1867813, LP: #1895133).
[Standards compliance]
The package installs its scripts under /usr/bin.
[Maintenance]
The package is maintained by the Ubuntu Foundations team.
[Background information]
As this is a dependency for keeping the boot EEPROM on the Raspberry Pi 4 up to date, the intention is to install this by default in all pi-related images going forward.
---
= raspberrypi-userland =
[Availability]
The package is already in universe.
[Rationale]
The package is depended upon by the new raspi-common seed, for inclusion in all pi related images. The reason for its inclusion in the seed is that the libraspberrypi-bin package provides the vcgencmd and dtoverlay utilities which are both required by rpi-eeprom (the subject of a separate MIR, LP: #1895137) for updating the boot EEPROM on the Raspberry Pi 4.
The libraspberrypi0 package is a dependency of libraspberrypi-bin and both are built from the raspberrypi-userland source package.
[Security]
I am not aware of any open CVEs against the tools in libraspberrypi-bin or the libraries in libraspberrypi0.
It may be worth noting that the -bin package installs a udev rule (in /lib/udev/10-local-rpi.rules) permitting members of the "video" group access to /dev/vchiq, which is required for all the VC related utilities (including vcgencmd, raspivid, and raspistill) to be operated without root privileges.
[Quality assurance]
The package is extensively used upstream on Raspbian, and is obviously actively maintained there. There is no meaningful test suite included in the package, but the contents of the package are regularly exercised in image testing (and boot EEPROM testing).
[UI standards]
I've added manual pages for all the utilities I'm able to, but localization is missing from all utilities at present. However, most users will never use these utilities directly (bar, perhaps, the raspivid and raspistill utilities for the camera module). Instead the most common scenario is that the utilities will be used (invisibly) by other scripts (e.g. rpi-eeprom-update) for maintenance purposes like manipulating the boot EEPROM.
[Dependencies]
As noted above, libraspberrypi-bin depends on libraspberrypi0. It also depends on device-tree-compiler and libc6, both of which are already in main. libraspberrypi0 in turn merely depends on libc6.
[Standards compliance]
The package installs its binaries under /usr/bin, and its libraries under /usr/lib. Upstream does not version their API, so the libraries are unversioned.
[Maintenance]
The package is maintained by the Ubuntu Foundations team.
[Background information]
As noted above, the package is a dependency of the recently added raspi-common seed (https://lists.ubuntu.com/archives/ubuntu-release/2020-September/005086.html). As it is a dependency for keeping the boot EEPROM on the Raspberry Pi 4 up to date, the intention is to install this by default in all pi-related images going forward. |
|
| 2020-10-07 11:14:47 |
Dimitri John Ledkov |
summary |
[MIR] rpi-eeprom |
[MIR] rpi-eeprom; raspberrypi-userland |
|
| 2020-10-16 03:18:23 |
Seth Arnold |
rpi-eeprom (Ubuntu): assignee |
Ubuntu Security Team (ubuntu-security) |
|
|
| 2020-10-16 03:18:28 |
Seth Arnold |
rpi-eeprom (Ubuntu): status |
Triaged |
In Progress |
|
| 2020-10-16 12:06:32 |
Matthias Klose |
raspberrypi-userland (Ubuntu): status |
New |
Incomplete |
|
| 2020-10-16 12:06:40 |
Matthias Klose |
raspberrypi-userland (Ubuntu): assignee |
Matthias Klose (doko) |
|
|
| 2021-01-14 23:46:41 |
Brian Murray |
bug |
|
|
added subscriber Ubuntu Stable Release Updates Team |
| 2021-01-14 23:46:43 |
Brian Murray |
bug |
|
|
added subscriber SRU Verification |
| 2021-01-25 10:29:18 |
Łukasz Zemczak |
raspberrypi-userland (Ubuntu): status |
Incomplete |
In Progress |
|
| 2021-01-25 11:01:01 |
Matthias Klose |
raspberrypi-userland (Ubuntu): status |
In Progress |
New |
|
| 2021-01-26 15:35:55 |
Christian Ehrhardt |
rpi-eeprom (Ubuntu): assignee |
|
Matthias Klose (doko) |
|
| 2021-01-26 15:45:53 |
Christian Ehrhardt |
rpi-eeprom (Ubuntu): assignee |
Matthias Klose (doko) |
|
|
| 2021-01-26 15:45:58 |
Christian Ehrhardt |
raspberrypi-userland (Ubuntu): assignee |
|
Matthias Klose (doko) |
|
| 2021-02-17 11:13:07 |
Christian Ehrhardt |
raspberrypi-userland (Ubuntu): assignee |
Matthias Klose (doko) |
|
|
| 2021-02-17 11:13:10 |
Christian Ehrhardt |
rpi-eeprom (Ubuntu): status |
In Progress |
Fix Committed |
|
| 2021-02-17 11:13:12 |
Christian Ehrhardt |
raspberrypi-userland (Ubuntu): status |
New |
Fix Committed |
|
| 2021-02-17 11:13:27 |
Christian Ehrhardt |
bug |
|
|
added subscriber Ubuntu Package Archive Administrators |
| 2021-02-18 15:08:52 |
Matthias Klose |
raspberrypi-userland (Ubuntu): status |
Fix Committed |
Fix Released |
|
| 2021-02-18 15:09:30 |
Matthias Klose |
rpi-eeprom (Ubuntu): status |
Fix Committed |
Fix Released |
|
