2017-04-29 00:09:47 |
Steve Langasek |
description |
livecd-rootfs now depends on ubuntu-image, which therefore should be promoted to main.
ubuntu-image is maintained by the Ubuntu Foundations team as upstream. The package already has an SRU exception, <https://wiki.ubuntu.com/UbuntuImageUpdates>, and is kept in sync across stable releases from 16.04 on as well as being available as a snap.
autopkgtests and upstream CI are in place for this package.
foundations-bugs is subscribed to the package and there is no CVE history. The software interacts with local files as a non-privileged user and presents a narrow security attack surface. It delegates security-sensitive operations (cryptographic verification, etc) to 'snap prepare-image' from the snapd package, already in main. |
livecd-rootfs now depends on ubuntu-image, which therefore should be promoted to main.
ubuntu-image is maintained by the Ubuntu Foundations team as upstream. The package already has an SRU exception, <https://wiki.ubuntu.com/UbuntuImageUpdates>, and is kept in sync across stable releases from 16.04 on as well as being available as a snap.
autopkgtests and upstream CI are in place for this package.
foundations-bugs is subscribed to the package and there is no CVE history. The software interacts with local files as a non-privileged user and presents a narrow security attack surface. It delegates security-sensitive operations (cryptographic verification, etc) to 'snap prepare-image' from the snapd package, already in main.
ubuntu-image also pulls in pyparted as a dependency. pyparted is a thin wrapper around libparted, already in main. It is in sync with Debian from 14.04 on and has no open bug reports in Debian; the only bug reports open in Ubuntu are those reported by the ubuntu-image team. Upstream project: https://github.com/rhinstaller/pyparted no major issues open upstream.
No security issues reported at http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=pyparted or http://people.canonical.com/~ubuntu-security/cve/universe.html |
|