This bug was fixed in the package u-boot - 2023.07+dfsg-1ubuntu1

---------------
u-boot (2023.07+dfsg-1ubuntu1) mantic; urgency=medium

  [ Dave Jones]
  * Merge from Debian unstable (LP: #2027789). Remaining changes:
    - d/p/rpi-config-tweaks.patch: Configuration adjustments to the RPi
      configs
    - Enable FIT signing support
      - Limit key names to keys within the keydir.
    - Enable Ubuntu support for the Nitrogen6x board
      - Add d/p/ubuntu-nitrogen6q2g-config-tweaks.patch to tweak the
        nitrogen6q2g configs to better fit our Ubuntu usage.
      - Start building the nitrogen6x2g target for u-boot.
      - Fix nitrogen6q2g patch to build properly on armhf
      - d/p/ubuntu-nitrogen6q2g-config-tweaks.patch: enable SCSI which is now
        required for ENV_IS_IN_FAT
    - d/p/rpi-board-dt.patch: use the board's device-tree instead of an
      embedded one
    - Add d/p/rpi-cm4-sdhci.patch for CM4 eMMC support
    - Add d/p/rpi-8gb-pci.patch for Pi400 and Pi4-8Gb support
    - Add d/p/rpi-maxargs.patch for new Core 18 boot-env
    - Removed d/u-boot-rpi.postinst. The task of copying the u-boot binaries
      to the boot partition is now performed by flash-kernel
    - Revert '* debian/rules: Ensure debugging symbols are enabled.' as it
      breaks riscv64 booting.
    - Implement u-boot-sifive.postinst to upgrade u-boot in loader1/loader2
      partitions upon package upgrades. Maybe this should move to flash-
      kernel, and update SPI too.
    - Provide compat symlinks for old unleashed & unmatched platform names
    - In postinst support Unmatched model name without A00 suffix, as used by
      meta-sifive kernels and may be contributed upstream in the future.
    - Enable commands for displaying and configuring the UEFI environment
    - In u-boot-sifive.postinst support partition names Loader1, Loader2 as
      the installer image uses these.
    - Remove the MIPS targets as the mips cross-compiler is currently
      uninstallable in Ubuntu
    - Add package for PolarFire SoC Icicle Kit
  * Removed patches obsoleted/merged by upstream:
    - SECURITY UPDATE: unchecked length field in DFU implementation
      - debian/patches/CVE-2022-2347.patch: fix the unchecked length field in
        drivers/usb/gadget/f_dfu.c.
      - CVE-2022-2347
    - Fix probing of virtio devices
      d/p/virtio-pci-fix-bug-of-virtio_pci_map_capability.patch
    - Enable reset via SBI on PolarFire Icicle Kit
      d/p/riscv64/enable-reset-via-SBI-on-PolarFire-Icicle-Kit.patch
    - Adjust u-boot-microchip on PolarFire Icicle Kit for the changed memory
      layout of the HSS 2022.10 firmware
  * Refreshed patches:
    - d/p/rpi-config-tweaks.patch
    - d/p/ubuntu-nitrogen6q2g-config-tweaks.patch
    - d/p/rpi-cm4-sdhci.patch
    - d/p/rpi-8gb-pci.patch
    - d/p/riscv64/mpfs-icicle-reserve-the-top-of-memory-for-the-.patch

  [ Heinrich Schuchardt ]
  * d/p/riscv64/enable-sbi.patch: Enable CONFIG_CMD_SBI by default to display
    SBI information on RISC-V
  * d/p/riscv64/sync-polarfire-dts-with-linux-[123].patch: assign MAC address
    on PolarFire
  * d/p/riscv64/multi-usb-msd-[12].patch: fix non-unique device paths on
    machines with multiple USB mass-storage devices attached

 -- Dave Jones <email address hidden>  Fri, 14 Jul 2023 15:52:36 +0100