[MIR] sbsigntool

Bug #1066016 reported by Steve Langasek on 2012-10-12
This bug affects 1 person
Affects Status Importance Assigned to Milestone
sbsigntool (Ubuntu)

Bug Description

Availability: In universe for amd64.

Rationale: Used as part of our signing toolchain for Secure Boot images in launchpad, so it's de facto supported by Canonical already (and was written by Canonical). We would also like to use this at build-time of the shim-signed package to verify the correctness of the signed binaries returned to us by Microsoft. (Currently there are some gaps that result in me doing this by hand, so this build-dependency may not be added in time for 12.10 regardless.)

Security: This is a commandline tool, not run as root, so user security exposure is greatly limited despite its substantial security implications for Secure Boot as a whole.

QA: there is a test suite in tree that's run at package build time.

Maintenance: Foundations.

Steve Langasek (vorlon) on 2012-10-12
Changed in sbsigntool (Ubuntu):
importance: Undecided → Medium
Matthias Klose (doko) wrote :

promoted to main. Please fix the i386 configury properly, using the $host macros, not fiddling around with uname and then fixing it ...

Override component to main
sbsigntool 0.6-0ubuntu1 in quantal: universe/utils -> main
sbsigntool 0.4-0ubuntu2 in quantal amd64: universe/utils/optional -> main
sbsigntool 0.4-0ubuntu2 in quantal i386: universe/utils/optional -> main
3 publications overridden.

Changed in sbsigntool (Ubuntu):
status: New → Fix Released
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers