[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#971129: shim-signed: FTBFS: build-dependency not installable: shim-unsigned (= 15+1533136590.3beb971-7)

On Mon, Feb 15, 2021 at 04:35:37PM +0100, Ivo De Decker wrote:
>Hi Steve,
>Thanks for the info.
>On Mon, Feb 15, 2021 at 12:43:33AM +0000, Steve McIntyre wrote:
>> >Could you clarify the timing for this, especially the timeline for getting the
>> >signature from Microsoft (as far as that can be predicted)? I'm trying to
>> >assess if this could become a blocker wrt the actual release. Is it an option
>> >to release with the current version of shim-signed (ie the one that's also in
>> >buster) if we don't get the signature in time?
>> It's not really an option to release with the old shim at this point,
>> I'm afraid.
>That's good to know. I tagged this bug 'is-blocker', to make sure we keep an
>eye on it.
>> But there are newer processes in place around getting new
>> builds signed, so I'm not worrying too much here about delaying the
>> release.

So, to update here...

Shim development was caught up in the work to fix more Secure Boot
holes in Grub (DSA-4867), and it's not quite ready yet. We will have
to wait for a few more upstream fixes yet, then get reviewed and
signed. At that point, this bug will be fixed.

Steve McIntyre, Cambridge, UK.                                steve@einval.com
"War does not determine who is right - only who is left."
   -- Bertrand Russell

Reply to: