[MIR] sbsigntool
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
sbsigntool (Ubuntu) |
Fix Released
|
Medium
|
Unassigned |
Bug Description
Availability: In universe for amd64.
Rationale: Used as part of our signing toolchain for Secure Boot images in launchpad, so it's de facto supported by Canonical already (and was written by Canonical). We would also like to use this at build-time of the shim-signed package to verify the correctness of the signed binaries returned to us by Microsoft. (Currently there are some gaps that result in me doing this by hand, so this build-dependency may not be added in time for 12.10 regardless.)
Security: This is a commandline tool, not run as root, so user security exposure is greatly limited despite its substantial security implications for Secure Boot as a whole.
QA: there is a test suite in tree that's run at package build time.
Maintenance: Foundations.
Changed in sbsigntool (Ubuntu): | |
importance: | Undecided → Medium |
promoted to main. Please fix the i386 configury properly, using the $host macros, not fiddling around with uname and then fixing it ...
Override component to main utils/optional -> main utils/optional -> main
sbsigntool 0.6-0ubuntu1 in quantal: universe/utils -> main
sbsigntool 0.4-0ubuntu2 in quantal amd64: universe/
sbsigntool 0.4-0ubuntu2 in quantal i386: universe/
3 publications overridden.