u-boot Flat Image Tree (FIT) signing support

Hello Andy, or anyone else affected,

Accepted u-boot into disco-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/u-boot/2018.07~rc3+dfsg1-0ubuntu3 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested and change the tag from verification-needed-disco to verification-done-disco. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-disco. In either case, without details of your testing we will not be able to proceed.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance for helping!

N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days.

Hello Andy, or anyone else affected,

Accepted u-boot into cosmic-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/u-boot/2018.07~rc3+dfsg1-0ubuntu3~18.10.1 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested and change the tag from verification-needed-cosmic to verification-done-cosmic. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-cosmic. In either case, without details of your testing we will not be able to proceed.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance for helping!

N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days.

Hello Andy, or anyone else affected,

Accepted u-boot into bionic-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/u-boot/2018.07~rc3+dfsg1-0ubuntu3~18.04.1 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested and change the tag from verification-needed-bionic to verification-done-bionic. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-bionic. In either case, without details of your testing we will not be able to proceed.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance for helping!

N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days.

Hello Andy, or anyone else affected,

Accepted u-boot into xenial-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/u-boot/2016.01+dfsg1-2ubuntu4 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested and change the tag from verification-needed-xenial to verification-done-xenial. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-xenial. In either case, without details of your testing we will not be able to proceed.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance for helping!

N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days.

Test script to confirm FIT image build and signature is available.

This bug was fixed in the package u-boot - 2019.04+dfsg-2ubuntu2

---------------
u-boot (2019.04+dfsg-2ubuntu2) eoan; urgency=low

  * Enable FIT signing support (LP: #1831942)
    - Enable CONFIG_FIT_SIGNATURE so we can sign FIT images.
    - Add libssl-dev to Build-Depends: to enable crypto functionality.
    - Limit key names to keys within the keydir.

 -- Andy Whitcroft <email address hidden> Mon, 10 Jun 2019 15:44:35 +0100

Testing passed on eoan:

kernel.img: Device Tree Blob version 17, size=4722, boot CPU=0, string block size=197, DT structure block size=3060
  Sign algo: sha256,rsa2048:fit
  Sign value: 662b7f56516e0fb10f94520d9d816bad27341d2b9f8212d68053f124a073bce6c5cdcbc2e85c3bce84e5e8db0be9841c81f2f8f9a85cb1c690904b35069fbca1ec6801e714263e6b6b12b4443e988bd92b5ebcb351eb34c0c6dbd6d8964852ae1aea873f452f708824e6b4eddc9d69b14bf94666f9279abe45cf0d23311f58ecbad43638c41f241feb29e5c89ac8e1a7014fbe07b09abe89e5a1e7f86e741f9a69f138c178b8e76d5be348b306e213f839d2a71e6fe095c6336dbea16d09a4fded6540c6bef6a01bfa3108032304624332b0ac10cb91ccb953149947de27514d39e369b0c0058eed0231abf3576af35323b69b4fa70e94347d91a29eb4f6846b

ii u-boot-tools 2018.07~rc3+dfsg1-0ubuntu3 amd64 companion tools for Das U-Boot bootloader

Testing passed on disco:

kernel.img: Device Tree Blob version 17, size=4722, boot CPU=0, string block size=197, DT structure block size=3076
  Sign algo: sha256,rsa2048:fit
  Sign value: 46de2b22dbc1f12b1e048d13c2470bc15b84aae306bc10192390768a80a91979d26fb549a4bec0f151b0a71efd49d9083494572ff0894b4e6f304d674fef7c870cd9d85ba663f99b5f77db1a3e799d76e6e51f1e4197ac272678200bdfc687f44f63322bdd1c32e650a3a3b06b6b52eaf34bea66f53b20657518fa7d09f0f0878e80896085b28f515ad7959af71d67ab35834c546d174cc978c3ed722b74f82563b429e98511e8878ad1b95dfb14386febe788050c50c911f21581628554c143f4d7154a3b0d3ebc91c2f97438ccfc5a8321fbd99bdb66efcd8d109d43a4779ee970c1793b8e7b815e1a98c7d6ac435ad04dbc6993162453101d1db5a2c31a80

ii u-boot-tools 2018.07~rc3+dfsg1-0ubuntu3~18.10.1 amd64 companion tools for Das U-Boot bootloader

Testing passed on cosmic:

kernel.img: Device Tree Blob version 17, size=4722, boot CPU=0, string block size=197, DT structure block size=3108
  Sign algo: sha256,rsa2048:fit
  Sign value: 6a6a9af5f4b36cbb96772ea1e37890b94dc4a7fca26e90556fdd63ddf322ba0e9ad7d5ca1e8ce0195e05e898d18725d49c1fafabcf89b0918185f8a08456f0cfcc8250f9c640664eed6d9636ba370e53a59ca75f3910bdc3ec7607bf8337498bc8fd8c8e349839ddf946eedd0b307188150a9926604b48dc65054500e51cacba715014fdef675ad66d550ce558f316979d72e79c360886cb8e55aa9e9ce444fbe5a9b9981b155fc2bcac4c6a61fb464ddadb9a3821faba49ed53a96d84c71f0077b1a6f9056d9f35dae7aa16ee296fc536fa158028c5e9a13428407bc9854580f62cdaab3a572d7c0fff03a6ef3118973bd43109125593c372ae17a0be6a3d57

ii u-boot-tools 2018.07~rc3+dfsg1-0ubuntu3~18.04.1 amd64 companion tools for Das U-Boot bootloader

Testing passed on bionic:

kernel.img: Device Tree Blob version 17, size=4722, boot CPU=0, string block size=197, DT structure block size=3108
  Sign algo: sha256,rsa2048:fit
  Sign value: 23992fd48221ef3fe499766374da06422d629a7eebb41f3a47ff8b249f9f45c9ab0ad96e39ab264dc497ad1bfcba9c3d304785d30093f88eaadaa7538836da05cd5643baefb13b8981d65e12fdd8bfc9d2cd6fef9164040eef275623dbe4282af51f5065034f1510e6a79949fe5e07e621ab5687fe804f54a069b9873452a8070d11a3cd92d838756ba10b3f08d06a2697ea3dd62adde5f4b177b185e354d35daa0d4afd6ebc7bd8822dab330231e7154acd9213ac848a86b002d6fcc843080672a281ae5753bff80e44b536e4f314f1d18e37b41212d3c4b610d1e0d8b1bd5eb008a5a2a0b50a2f670dcd4d1dad4ba3e5838c2f2850b0a4967076a31e646c79

ii u-boot-tools 2016.01+dfsg1-2ubuntu4 amd64 companion tools for Das U-Boot bootloader

Testing failed:

mkimage Can't add hashes to FIT blob

Found a bug (fixed in later versions) where the auto-resize code can fail when ENOSPC is lost in the return chain. Fixed up and retested. Looking good. Submitted an updated SRU for xenial.

Hello Andy, or anyone else affected,

Accepted u-boot into xenial-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/u-boot/2016.01+dfsg1-2ubuntu5 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed.Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested and change the tag from verification-needed-xenial to verification-done-xenial. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-xenial. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

ii u-boot-tools 2016.01+dfsg1-2ubuntu5 amd64 companion tools for Das U-Boot bootloader

Testing passed on xenial:

kernel.img: Device Tree Blob version 17, size=5046, boot CPU=0, string block size=197, DT structure block size=3060
  Sign algo: sha256,rsa2048:fit
  Sign value: 6c7ca5e448c39c58c3acd84d1825d4b3d5251f31ddb1ac7d3d0b69f55eedb286b315cdb40485827cec8b23b81ca2746f2123bf0459d7e6815004eaa20c886f0f3b86edb1afe124420caca16755611ee7ceec32e178d64f96a1793c1eb7654172560a5e3139e85204e9cd58214ba59b609dc6a352e6025fd0bceadf3da88d8c36cc3bde6409de758ce5ca23b889babc39396e65db866430ea25199c294cfe9bb4da17c1396a38e655c748f3a1c3f941981287acfbc47e0e4c09385490d674889b2cfdfeb59cde51b8d9b4d3b50160a1d1d6714d68ae706c6ae3677bc533f075002c14ea2187330f463adf73a83bda33ea2f2876ebbd6297093381ae3f1290d05e

Thank you for taking the time to verify this stable release fix. We have noticed that you have used the verification-done tag for marking the bug as verified and would like to point out that due to a recent change in SRU bug verification policy fixes now have to be marked with per-release tags (i.e. verification-done-$RELEASE). Please remove the verification-done tag and add one for the release you have tested the package in. Thank you!

https://wiki.ubuntu.com/StableReleaseUpdates#Verification

After some discussion with Andy, I will be releasing these SRUs much earlier conditionally. This is a special case and should not be treated as a general rule.

The bits from this SRU, especially for xenial, are required for a close-deadline project. The changes are isolated to the u-boot-tools package only, so the risk of breaking user systems is low. The change itself is (for most series) a config option change only - although even that can cause regressions, the risk is relatively low. I have checked the u-boot-tools reverse dependencies of their use of mkimage/dumpimage and assessed that the impact of any discovered regressions should be low as well. For xenial, as there was a bit more tweaking there, I also did a few non-FIT-related mkimage and dumpimage test runs to make sure the xenial-proposed version still works.

Let's get this released and keep a look-out for any reported regressions, reverting quickly to the previous version in case anything critical is found.

The verification of the Stable Release Update for u-boot has completed successfully and the package has now been released to -updates. Subsequently, the Ubuntu Stable Release Updates Team is being unsubscribed and will not receive messages about this bug report. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regressions.

This bug was fixed in the package u-boot - 2018.07~rc3+dfsg1-0ubuntu3~18.10.1

---------------
u-boot (2018.07~rc3+dfsg1-0ubuntu3~18.10.1) cosmic; urgency=low

  * Enable FIT signing support (LP: #1831942)
    - Enable CONFIG_FIT_SIGNATURE so we can sign FIT images.
    - Add libssl-dev to Build-Depends: to enable crypto functionality.
    - Limit key names to keys within the keydir.

 -- Andy Whitcroft <email address hidden> Mon, 10 Jun 2019 16:00:22 +0100

This bug was fixed in the package u-boot - 2018.07~rc3+dfsg1-0ubuntu3~18.04.1

---------------
u-boot (2018.07~rc3+dfsg1-0ubuntu3~18.04.1) bionic; urgency=low

  * Enable FIT signing support (LP: #1831942)
    - Enable CONFIG_FIT_SIGNATURE so we can sign FIT images.
    - Add libssl-dev to Build-Depends: to enable crypto functionality.
    - Limit key names to keys within the keydir.

 -- Andy Whitcroft <email address hidden> Mon, 10 Jun 2019 20:52:14 +0100

This bug was fixed in the package u-boot - 2016.01+dfsg1-2ubuntu5

---------------
u-boot (2016.01+dfsg1-2ubuntu5) xenial; urgency=low

  * Enable FIT signing support (LP: #1831942)
    - Ensure fit_image_process_sig() ENOSPC return propogates to
      fit_file_name() space allocation loop.

u-boot (2016.01+dfsg1-2ubuntu4) xenial; urgency=low

  * Enable FIT signing support (LP: #1831942)
    - Fix configuration supply to tools to ensure CONFIG_FIT_SIGNATURE
      is available to mkimage such that is compiled with FIT build and
      sign support.
    - Add libssl-dev to Build-Depends: to enable crypto functionality.
    - Limit key names to keys within the keydir.

 -- Andy Whitcroft <email address hidden> Tue, 11 Jun 2019 22:44:54 +0100

This bug was fixed in the package u-boot - 2018.07~rc3+dfsg1-0ubuntu3

---------------
u-boot (2018.07~rc3+dfsg1-0ubuntu3) disco; urgency=low

  * Enable FIT signing support (LP: #1831942)
    - Enable CONFIG_FIT_SIGNATURE so we can sign FIT images.
    - Add libssl-dev to Build-Depends: to enable crypto functionality.
    - Limit key names to keys within the keydir.

 -- Andy Whitcroft <email address hidden> Mon, 10 Jun 2019 16:00:22 +0100

Fixed in stable r18987 <http://bazaar.launchpad.net/~launchpad-pqm/launchpad/stable/revision/18987>.

The merge for this has been deployed to dogfood. Added a FIT signable blob to the signing test packages and threw them into a FIT signing PPA on dogfood. This correctly triggered a new key to be generated:

  Generating a 2048 bit RSA private key
  .........................+++
  ...................+++
  writing new private key to '/srv/launchpad.net/ppa-signing-keys/uefi/apw/fit-1/fit/fit.key'

and apparent signing of the supplied object:

  FIT description: kernel, initrd and devicetree
  Created: Wed Jun 19 11:46:09 2019
   Image 0 (kernel@1)
    Description: kernel

These have published out as expected into dists, and appear correctly signed when downloaded. The public key is included as expected.

So I guess Ubuntu doesn't treat the incompatibilities between the GPL and OpenSSL as an issue?

@vagrantc neither does Debian, as per the Debian FTP masters decision.

Hello Andy, or anyone else affected,

Accepted u-boot into groovy-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/u-boot/2020.10+dfsg-1ubuntu0~20.10 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, what testing has been performed on the package and change the tag from verification-needed-groovy to verification-done-groovy. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-groovy. In either case, without details of your testing we will not be able to proceed.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance for helping!

N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days.

Hello Andy, or anyone else affected,

Accepted u-boot into focal-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/u-boot/2020.10+dfsg-1ubuntu0~20.04.1 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, what testing has been performed on the package and change the tag from verification-needed-focal to verification-done-focal. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-focal. In either case, without details of your testing we will not be able to proceed.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance for helping!

N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days.

Hello Andy, or anyone else affected,

Accepted u-boot into bionic-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/u-boot/2020.10+dfsg-1ubuntu0~18.04.1 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, what testing has been performed on the package and change the tag from verification-needed-bionic to verification-done-bionic. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-bionic. In either case, without details of your testing we will not be able to proceed.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance for helping!

N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days.

The SRU acceptance messaging is an artifact of backporting the latest u-boot merge to stable series - this bug does not require explicit verification. Setting to verified.

Hello Andy, or anyone else affected,

Accepted u-boot into groovy-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/u-boot/2020.10+dfsg-1ubuntu0~20.10.1 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, what testing has been performed on the package and change the tag from verification-needed-groovy to verification-done-groovy. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-groovy. In either case, without details of your testing we will not be able to proceed.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance for helping!

N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days.

Hello Andy, or anyone else affected,

Accepted u-boot into focal-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/u-boot/2020.10+dfsg-1ubuntu0~20.04.2 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, what testing has been performed on the package and change the tag from verification-needed-focal to verification-done-focal. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-focal. In either case, without details of your testing we will not be able to proceed.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance for helping!

N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days.

Hello Andy, or anyone else affected,

Accepted u-boot into bionic-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/u-boot/2020.10+dfsg-1ubuntu0~18.04.2 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, what testing has been performed on the package and change the tag from verification-needed-bionic to verification-done-bionic. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-bionic. In either case, without details of your testing we will not be able to proceed.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance for helping!

N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days.

As per comment #29.

This bug was fixed in the package u-boot - 2020.10+dfsg-1ubuntu0~20.10.1

---------------
u-boot (2020.10+dfsg-1ubuntu0~20.10.1) groovy; urgency=medium

  * SRU of changes through to 2020.10+dfsg-1ubuntu6 to fix Pi4-8GB & CM4 support,
    and add support for risc-v unleashed board:

  [ Dave Jones ]
  * Add d/p/rpi-8gb-pci.patch for Pi400 and Pi4-8Gb support (LP: #1906552)
  * Add d/p/rpi-cm4-sdhci.patch for CM4 eMMC support
  * Add d/p/rpi-maxargs.patch for new Core 18 boot-env (LP: #1910094)
  * Remove redundant d/targets entries

  [ Dimitri John Ledkov ]
  * Enable u-boot spl for unleashed. LP: #1905274

u-boot (2020.10+dfsg-1ubuntu0~20.10) groovy; urgency=low

  * SRU of 2020.10+dfsg-1 to support Raspberry Pi 4 ethernet (LP: #1903054)

  [ Dave Jones ]
  * Merge from Debian unstable. Remaining changes:
    - Enable Ubuntu support for the Nitrogen6x board (LP: #1838064)
      - Add d/p/ubuntu-nitrogen6q2g-config-tweaks.patch to tweak the
        nitrogen6q2g configs to better fit our Ubuntu usage.
      - Start building the nitrogen6x2g target for u-boot.
    - Enable FIT signing support (LP: #1831942)
      - Enable CONFIG_FIT_SIGNATURE so we can sign FIT images.
      - Add libssl-dev to Build-Depends: to enable crypto functionality.
      - Limit key names to keys within the keydir.
    - d/p/rpi-config-tweaks.patch: Configuration adjustments to the RPi
      configs
    - d/p/rpi-board-dt.patch: use the board's device-tree instead of an
      embedded one

  * Removed obsolete patches/changes:
    - d/p/lzo-to-lzno.patch: use gzip instead of lzo compression for FIT
      images as lzop in Ubuntu is in universe. This should be temporary and in
      the next releases ideally we should follow what Debian does.

u-boot (2020.10+dfsg-1) unstable; urgency=medium

  * New upstream release.

u-boot (2020.10~rc5+dfsg-1) experimental; urgency=medium

  [ Vagrant Cascadian ]
  * New upstream release candidate.
  * debian/control: u-boot-qemu: Set Multi-Arch: foreign.

  [ Uwe Kleine-König ]
  * control: Use https for upstream homepage

u-boot (2020.10~rc3+dfsg-1) experimental; urgency=medium

  * New upstream release candidate.
  * debian/patches: Refresh and remove obsolete patches.
  * [armhf] u-boot-sunxi: Add Bananapi_M2_Ultra (Closes: #962931). Thanks
    to Bernhard Wörner.
  * [arm64] u-boot-rockchip: Update rock-pi-4 .dtb names.
  * u-boot-qemu: Build firmware for qemu ppc e500 (Closes: #966624).

u-boot (2020.07+dfsg-2) unstable; urgency=medium

  [ Vagrant Cascadian ]
  * u-boot-install-rockchip: Update with additional RockPro64 names from
    linux 5.7 device-trees.

  [ Denis Pynkin ]
  * u-boot-rpi: Add rpi_arm64 target for arm64 (Closes: #966078).

  [ Vagrant Cascadian ]
  * debian/patches: Fix reproducibility of mx6cuboxi target.

u-boot (2020.07+dfsg-1) unstable; urgency=medium

  * New upstream release.
  * [armhf] u-boot-omap: Drop omap3_pandora, removed upstream.
  * [arm64] u-boot-amlogic: Install new board-specific documentation.
  * debian/patches: Fix riscv64 support for extlinux.
  * debian/control:
    - Upgrade to debhelper compat 13.
    - Update Build-Depends on arm-trusted-firmware.

u-boot (2020.07~rc4+dfsg-1) ex...

This bug was fixed in the package u-boot - 2020.10+dfsg-1ubuntu0~20.04.2

---------------
u-boot (2020.10+dfsg-1ubuntu0~20.04.2) focal; urgency=medium

  * SRU of changes through to 2020.10+dfsg-1ubuntu6 to fix Pi4-8GB & CM4 support,
    and add support for risc-v unleashed board:

  [ Dave Jones ]
  * Add d/p/rpi-8gb-pci.patch for Pi400 and Pi4-8Gb support (LP: #1906552)
  * Add d/p/rpi-cm4-sdhci.patch for CM4 eMMC support
  * Add d/p/rpi-maxargs.patch for new Core 18 boot-env (LP: #1910094)
  * Remove redundant d/targets entries

  [ Dimitri John Ledkov ]
  * Enable u-boot spl for unleashed. LP: #1905274

u-boot (2020.10+dfsg-1ubuntu0~20.04.1) focal; urgency=medium

  * SRU of 2020.10+dfsg-1 to support Raspberry Pi 4 (LP: #1903054)
  * Re-added d/p/lzo-to-lzno.patch as lzop is in universe prior to Groovy
  * Updated d/targets for compatibility with focal arm-trusted-firmware
  * Updated d/control for compatibility with focal debhelper
  * Reinstate rpi-config-migration script for focal

  [ Dave Jones ]
  * Merge from Debian unstable. Remaining changes:
    - Enable Ubuntu support for the Nitrogen6x board (LP: #1838064)
      - Add d/p/ubuntu-nitrogen6q2g-config-tweaks.patch to tweak the
        nitrogen6q2g configs to better fit our Ubuntu usage.
      - Start building the nitrogen6x2g target for u-boot.
    - Enable FIT signing support (LP: #1831942)
      - Enable CONFIG_FIT_SIGNATURE so we can sign FIT images.
      - Add libssl-dev to Build-Depends: to enable crypto functionality.
      - Limit key names to keys within the keydir.
    - d/p/rpi-config-tweaks.patch: Configuration adjustments to the RPi
      configs
    - d/p/rpi-board-dt.patch: use the board's device-tree instead of an
      embedded one

  * Removed obsolete patches/changes:
    - d/p/lzo-to-lzno.patch: use gzip instead of lzo compression for FIT
      images as lzop in Ubuntu is in universe. This should be temporary and in
      the next releases ideally we should follow what Debian does.

u-boot (2020.10+dfsg-1) unstable; urgency=medium

  * New upstream release.

u-boot (2020.10~rc5+dfsg-1) experimental; urgency=medium

  [ Vagrant Cascadian ]
  * New upstream release candidate.
  * debian/control: u-boot-qemu: Set Multi-Arch: foreign.

  [ Uwe Kleine-König ]
  * control: Use https for upstream homepage

u-boot (2020.10~rc3+dfsg-1) experimental; urgency=medium

  * New upstream release candidate.
  * debian/patches: Refresh and remove obsolete patches.
  * [armhf] u-boot-sunxi: Add Bananapi_M2_Ultra (Closes: #962931). Thanks
    to Bernhard Wörner.
  * [arm64] u-boot-rockchip: Update rock-pi-4 .dtb names.
  * u-boot-qemu: Build firmware for qemu ppc e500 (Closes: #966624).

u-boot (2020.07+dfsg-2) unstable; urgency=medium

  [ Vagrant Cascadian ]
  * u-boot-install-rockchip: Update with additional RockPro64 names from
    linux 5.7 device-trees.

  [ Denis Pynkin ]
  * u-boot-rpi: Add rpi_arm64 target for arm64 (Closes: #966078).

  [ Vagrant Cascadian ]
  * debian/patches: Fix reproducibility of mx6cuboxi target.

u-boot (2020.07+dfsg-1) unstable; urgency=medium

  * New upstream release.
  * [armhf] u-boot-omap: Drop omap3_pandora, removed upstream.
  * [arm64] ...

This bug was fixed in the package u-boot - 2020.10+dfsg-1ubuntu0~18.04.2

---------------
u-boot (2020.10+dfsg-1ubuntu0~18.04.2) bionic; urgency=medium

  * SRU of changes through to 2020.10+dfsg-1ubuntu6 to fix Pi4-8GB & CM4 support:

  * Add d/p/rpi-8gb-pci.patch for Pi400 and Pi4-8Gb support (LP: #1906552)
  * Add d/p/rpi-cm4-sdhci.patch for CM4 eMMC support
  * Add d/p/rpi-maxargs.patch for new Core 18 boot-env (LP: #1910094)
  * Remove redundant d/targets entries

u-boot (2020.10+dfsg-1ubuntu0~18.04.1) bionic; urgency=low

  * SRU of 2020.10+dfsg-1 to support Raspberry Pi 4 (LP: #1903054), and
    fix a failure to write issue (LP: #1900693)
  * Re-added d/p/lzo-to-lzno.patch as lzop is in universe prior to Groovy
  * Updated d/targets to remove arm-trusted-firmware references
  * Updated d/control for compatibility with bionic debhelper
  * Reinstate rpi-config-migration script for bionic

  [ Dave Jones ]
  * Merge from Debian unstable. Remaining changes:
    - Enable Ubuntu support for the Nitrogen6x board (LP: #1838064)
      - Add d/p/ubuntu-nitrogen6q2g-config-tweaks.patch to tweak the
        nitrogen6q2g configs to better fit our Ubuntu usage.
      - Start building the nitrogen6x2g target for u-boot.
    - Enable FIT signing support (LP: #1831942)
      - Enable CONFIG_FIT_SIGNATURE so we can sign FIT images.
      - Add libssl-dev to Build-Depends: to enable crypto functionality.
      - Limit key names to keys within the keydir.
    - d/p/rpi-config-tweaks.patch: Configuration adjustments to the RPi
      configs
    - d/p/rpi-board-dt.patch: use the board's device-tree instead of an
      embedded one

  * Removed obsolete patches/changes:
    - d/p/lzo-to-lzno.patch: use gzip instead of lzo compression for FIT
      images as lzop in Ubuntu is in universe. This should be temporary and in
      the next releases ideally we should follow what Debian does.

u-boot (2020.10+dfsg-1) unstable; urgency=medium

  * New upstream release.

u-boot (2020.10~rc5+dfsg-1) experimental; urgency=medium

  [ Vagrant Cascadian ]
  * New upstream release candidate.
  * debian/control: u-boot-qemu: Set Multi-Arch: foreign.

  [ Uwe Kleine-König ]
  * control: Use https for upstream homepage

u-boot (2020.10~rc3+dfsg-1) experimental; urgency=medium

  * New upstream release candidate.
  * debian/patches: Refresh and remove obsolete patches.
  * [armhf] u-boot-sunxi: Add Bananapi_M2_Ultra (Closes: #962931). Thanks
    to Bernhard Wörner.
  * [arm64] u-boot-rockchip: Update rock-pi-4 .dtb names.
  * u-boot-qemu: Build firmware for qemu ppc e500 (Closes: #966624).

u-boot (2020.07+dfsg-2) unstable; urgency=medium

  [ Vagrant Cascadian ]
  * u-boot-install-rockchip: Update with additional RockPro64 names from
    linux 5.7 device-trees.

  [ Denis Pynkin ]
  * u-boot-rpi: Add rpi_arm64 target for arm64 (Closes: #966078).

  [ Vagrant Cascadian ]
  * debian/patches: Fix reproducibility of mx6cuboxi target.

u-boot (2020.07+dfsg-1) unstable; urgency=medium

  * New upstream release.
  * [armhf] u-boot-omap: Drop omap3_pandora, removed upstream.
  * [arm64] u-boot-amlogic: Install new board-specific documentation.
  * debian/patches: Fix riscv64 suppor...