This is good, but grub2 MP needs to be re-filed against correct repo at
https://code.launchpad.net/~ubuntu-core-dev/grub/+git/ubuntu.
Also I am not sure if there is much benefit to actually removing the cd-
boot-images packages (removal SRUs are super rare) in case a user relies
on them, but updat
** Changed in: grub2-unsigned (Ubuntu Bionic)
Status: In Progress => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1995751
Title:
update to 2.04-1ubuntu47.4 drops zz-update-grub
** Changed in: grub2-unsigned (Ubuntu)
Status: Confirmed => Invalid
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1995751
Title:
update to 2.04-1ubuntu47.4 drops zz-update-grub
To manage not
ESP on RAID is not supported in Ubuntu GRUB because we don't create such
configurations.
Unlike other distros, there is also no reason to do this because we have
multi ESP support in the GRUB package.
You can just RAID your regular filesystems and have two (or N) ESPs, one
on each disks and GRUB
Was this RAID setup created by the Ubuntu Installer, or did you create
it yourself?
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2112229
Title:
failure during update package grub-efi-amd64-signed w
** Tags added: foundations-todo
** Changed in: grub2 (Ubuntu)
Assignee: (unassigned) => Mate Kukri (mkukri)
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2112179
Title:
Cannot pass unesca
Yes I can look into picking up the new patches.
Re: signature size allocation, the binary build and signing happens at
different stages on purpose, so allocating the exact size is impossible,
and one binary might even be signed with different keys. (Also extra
space is intended to leave room for m
Hi Dann,
I hope the bug this is trigerring will be fixed in the questing cycle
and then we can re-enable the memory attribute protocol by default.
I am not against syncing this now, but re-enabling NX by default might
still cause problems with older distros/releases that wont carry all the
necess
nullboot on focal was beta only and this bug is 3 years old, so closing.
if you are experiencing it on newer ubuntu and nullboot, please report a
new bug.
** Changed in: nullboot (Ubuntu)
Status: New => Won't Fix
--
You received this bug notification because you are a member of Ubuntu
Bu
Public bug reported:
[Impact]
new upstream release; usual vendored dependency updates per Go MIR policy
(vendor/ directory is automatically generated by go mod vendor based on go.mod).
Targeted releases: noble, jammy
[Test plan]
* Test suite passes
* Deploy Azure CVM and TPM FDE
* Upgrade to t
Yes everything with appended signatures built in that PPA is signed
using that certificate.
It should hopefully verify correctly, and can be used for testing, but
please note that it is not to be used in production.
Kind regards,
Mate Kukri
--
You received this bug notification because you are
Uploaded again.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2104572
Title:
Booting the daily noble RISC-V installer image fails
To manage notifications about this bug go to:
https://bugs.launchpa
The test grub has a slightly older version number, you can install the
exact versions using:
apt install \
grub-ieee1275-signed=1.209.1+powersb7+2.12-5ubuntu7+powersb9 \
grub-ieee1275=2.12-5ubuntu7+powersb9 \
grub-ieee1275-bin=2.12-5ubuntu7+powersb9 \
grub-common=2.12-5ubuntu7+powersb9 \
grub2-com
I don't believe this is an edk2 problem.
The GRUB side will be resolved by picking up Vladimir's patch from grub-
devel.
** No longer affects: edk2 (Ubuntu)
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/b
Pushed a test build of phcoder's mshared patches to the uefi team build
ppa
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2106208
Title:
Relocation overflow in GRUB when booting with RISC-V EDK II a
Verification done, test matrix here
https://docs.google.com/document/d/1a5tlAWPNriB2JvvItAb-
ISSYnQlcmdVm2mesuM2jC3c/edit?tab=t.0
** Tags removed: verification-needed verification-needed-focal
verification-needed-jammy verification-needed-noble verification-needed-oracular
** Tags added: verifica
Can you try booting the hard-disk via the same boot menu you booted the
installer from?
Some devices unfortunately have issues where the boot UI is included in
the measurements and if you autoboot the HDD without going through the
menu it fails.
--
You received this bug notification because you
** Changed in: grub2 (Ubuntu)
Assignee: (unassigned) => Mate Kukri (mkukri)
** Tags added: foundations-todo
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2107408
Title:
do-release-upgrade
This still needs a grub2 upload and systemd stub change to properly fix
so i wouldnt remove, edk2 is only a workaround.
** Also affects: grub2 (Ubuntu)
Importance: Undecided
Status: New
** Also affects: systemd (Ubuntu)
Importance: Undecided
Status: New
--
You received this
My dev PPA can be added with
add-apt-repository ppa:mkukri/dev-ppc64el
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2064319
Title:
Power guest secure boot with key management: GRUB2 portion
To m
This is waiting to be signed at https://bugs.launchpad.net/canonical-
signing-jobs/+bug/2106805
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2106728
Title:
grub-efi-arm64 fails with out of memory e
** Also affects: grub2-unsigned (Ubuntu)
Importance: Undecided
Status: New
** Also affects: grub2-signed (Ubuntu)
Importance: Undecided
Status: New
** Changed in: grub2-signed (Ubuntu Plucky)
Milestone: None => ubuntu-25.04
** Changed in: grub2-unsigned (Ubuntu Plucky)
Ah the changelog entry post facto fixup was my bad, cleaned up the git
history after the mistake in the original upload, but we can rid of that
change.
> The rootfs should be the only filesystem in the image containing a file named
> /.disk/info. If not, we risk loading an incorrect filesystem.
I
So update is im 99% sure this a is bad interaction between the systemd
UKI stub and the memory attribute protocol...
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2104316
Title:
25.04 beta TPMFDE: f
I made the judgement that picking up those patches alongside the new
ones marked as security fixes has a lower overall regression potential
compared to me trying to untangle the security fixes from the old(er)
XFS patches.
Perhaps not a perfect solution, but in GRUB world there never is, we've
don
> This makes sense because other systems boot after all. Is this "borked
hooking" only in newer systemds? (because Noble TPM FDE installs
apparently work with plucky ovmf)
Hmm I am not sure, I'll look into this in more detail as part of fixing
this bug properly after edk2 workaround is done.
> Yo
Sorry the test plan perhaps could have been clearer:
- The automated tests do _not_ currently include XFS.
- "create an XFS /boot; boot from it" was part of the manual tests planned
Updated test plan now.
** Description changed:
Just to be clear this is now the tracking bug for all GRUB2 CVE f
NUMA nodes usually represents two or more pieces of silicon, each with
memory connected to them directly, but where both are also
interconnected into a proper SMP system using some bus like DMI.
Which means memory all memory is logically accessible to all processors
same ways as UMA SMP system, bu
I think NUMA here is just causing the memory map to have big enough
holes in it, and the allocator to behave in such a way that some
relocations will have addends that overflow a 32-bit signed slot.
We had the same issue exposed by a 4GB memory limit here:
https://bugs.launchpad.net/ubuntu/+source
** Changed in: grub2-unsigned (Ubuntu Focal)
Status: Incomplete => Fix Committed
** Changed in: grub2-unsigned (Ubuntu Jammy)
Status: Incomplete => Fix Committed
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bu
GRUB issue is that peimage tries to write relocations addends to read-
only sections after setting them read only
But i suspect fixing that will make the GRUB problem be the same as the
firmware direct boot problem, so we nicely caught two bugs here.
** Changed in: edk2 (Ubuntu)
Status
these are fixed.
** Also affects: systemd (Ubuntu)
Importance: Undecided
Status: New
** Also affects: grub2 (Ubuntu)
Importance: Undecided
Status: New
** Changed in: grub2 (Ubuntu)
Assignee: (unassigned) => Mate Kukri (mkukri)
** Changed in: systemd (Ubuntu)
Ass
Uploaded noble with the version number change mentioned in the MP, and
committed to ~ubuntu-core-dev/cd-boot-images-riscv64.
If the same debian-cd breakage is happening on jammy and/or oracular,
please file MPs for those too.
--
You received this bug notification because you are a member of Ubun
** Tags added: foundations-todo
** Changed in: edk2 (Ubuntu)
Assignee: (unassigned) => Mate Kukri (mkukri)
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2104316
Title:
25.04 beta TPM
Also keep in mind that the /EndEntire message was simply removed from
GRUB a while back, so that not showing up means nothing by itself.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2104316
Title:
I wouldn't discount an edk2 regression here, ive seen another recently
too.
Will try to look into this today.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2104316
Title:
25.04 beta TPMFDE: first b
Maybe the presence of the mem attr protocol triggers edk2 to change
memory attributes to NX on allocated buffer for even explicitly non-NX
images...
We have an optional NX compat chain available in the shim package
(that's off by default) and all this was tested a while ago, but at that
point the
Hello,
Code https://code.launchpad.net/~ubuntu-uefi-team/grub/+git/ubuntu/+ref/power-sb
My PPC test PPA (the power-sb ppa is out of date):
https://launchpad.net/~mkukri/+archive/ubuntu/dev-ppc64el
Signing key for the PPA above:
https://ppa.launchpadcontent.net/mkukri/dev-ppc64el/ubuntu/dists/plu
** Changed in: edk2 (Ubuntu)
Status: Fix Committed => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2101797
Title:
built-in shell still present in AAVMF secboot image
To manage
Branches for the noble and oracular fixes are here:
https://code.launchpad.net/~ubuntu-core-dev/ubuntu/+source/edk2/+git/edk2/+ref/ubuntu/noble
https://code.launchpad.net/~ubuntu-core-dev/ubuntu/+source/edk2/+git/edk2/+ref/ubuntu/oracular
Seems like the SRU team wants this released as a security
But also we should test arm64 AAVMF VMs too, the laptops might be fine,
but maybe AAVMF loads the core high?
It is also possible that the arm64 module loader is correct in the sense
that it allows modules to be loaded anywhere without overflowing
relocations.
** Changed in: grub2 (Ubuntu)
It seems like risc-v EFI loads the core high, and restricting dynamic
allocations <=4GB causes modules to be loaded low.
Then the module loader tries to patch up some relocations with the delta
between some symbols in the core and the module, but it fails due to the
large offset.
Modules should b
Welp, we need to remove the 4gb address limit on risc-v i think.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2103864
Title:
grub-efi-riscv64-bin 2.12-5ubuntu9 fails with "relocation overflow"
To
** Information type changed from Private Security to Public Security
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2101797
Title:
built-in shell still present in AAVMF secboot image
To manage notif
** Changed in: grub2-signed (Ubuntu Plucky)
Status: Fix Committed => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2055835
Title:
GRUB 2025 spring security update
To manage noti
This was fixed in debian sid already.
** Description changed:
+ [ Impact ]
+
+ * A large batch of secure boot CVEs in GRUB2 were fixed earlier this
+ year and recently un-embargoed earlier.
+
+ * This has an obvious impact on everyone relying on Secure Boot for any
+ purpose.
+
+ [ Test Plan
Was verified a long time ago and not released, but 14.8 will
cumulatively include this fix, so mentioning this if and when a reviewer
of that will inevitably run into this.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.l
This is all verified now, and because 14.8 will cumulatively include
this fix, it is worth mentioning this if and when a reviewer of that
will inevitably run into this.
** Tags removed: verification-needed verification-needed-focal
verification-needed-jammy
** Tags added: verification-done verifi
No doubt it isn't really on the radar for Landscape, but I would be
inclined to include Oracular as well if this gets uploaded before
Oracular goes EOL.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/21
affects: grub2-unsigned (Ubuntu Noble)
Importance: Undecided
Status: New
** Also affects: grub2-unsigned (Ubuntu Jammy)
Importance: Undecided
Status: New
** Also affects: grub2-unsigned (Ubuntu Plucky)
Importance: Undecided
Assignee: Mate Kukri (mkukri)
Status: New
The overall security model of the CA on which we would sign such UKIs
already allows loading external initrds without a UKI being used.
This would be for the simple convenience of being able to use the stub
purely as a (temporary) mechanism for signing dtbs and the kernel
together, not to provide
Hi Dann, News entry is fine by me, i've already worked around this for
my usecase, but others might run into this as well.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2069439
Title:
edk2 2024.05-1
> The grub file system drivers have a huge number of security issues and
we should run them isolated, they should be using user namespaces, mount
namespaces to hide / or have it all readonly, and like empty network
namespaces so they can't phone home.
No doubt about that, but in a perfect world e
Im gonna set this public if this is just an apparmor rule issue.
** Information type changed from Private Security to Public
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2099811
Title:
Os-prober s
What filesystem and/or device mapper container your /boot is located on?
If /boot is not writable from GRUB the 30 second timeout is expected
behaviour due to recordfail not working.
A 30 second timeout should not happen if grub can write to /boot.
--
You received this bug notification because
The short answer is that we do not support an F2FS /boot filesystem and
support is not built into signed monolithic GRUB for that reason.
If you need to have an F2FS root partition, you can use a separate /boot
with a supported file system as you suggested.
If you insist on having F2FS as /boot,
Public bug reported:
Platform: UTM virtual machine on arm64 macOS
ISO: 24.04.2 465 milestone build, arm64 server ISO.
Issue:
Console output only shows up on the serial port without manually
specifying console=tty0.
** Affects: livecd-rootfs (Ubuntu)
Importance: Undecided
Status: N
Public bug reported:
serial.mod not included in signed GRUB2 for Jammy and older.
** Affects: grub2 (Ubuntu)
Importance: Undecided
Assignee: Mate Kukri (mkukri)
Status: New
** Tags: foundations-todo
** Tags added: foundations-todo
** Changed in: grub2 (Ubuntu
The debug counter crash is likely the same as
https://bugs.launchpad.net/ubuntu/+source/bpftrace/+bug/2086104.
Afaik this version of bpftrace has a linking issue against LLVM where it
sometimes pulls in a static and a shared copy into the same process and
when the versions mismatch it fails.
Ther
** Changed in: grub2-signed (Ubuntu)
Status: Fix Committed => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2073634
Title:
[SRU] Enable suppression of /EndEntire message
To mana
** Changed in: grub2-unsigned (Ubuntu Oracular)
Status: New => Fix Released
** Changed in: grub2-unsigned (Ubuntu)
Status: New => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bu
** Changed in: grub2 (Ubuntu Noble)
Status: Fix Committed => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2076651
Title:
[SRU] Crash on RISC-V in virtual machine using KVM
To m
** Changed in: grub2 (Ubuntu Noble)
Status: In Progress => Fix Released
** Also affects: grub2-unsigned (Ubuntu)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad
cd-boot-images-arm64 has used shim for a long time. (and is no gone in
plucky anyways)
** Changed in: cd-boot-images-arm64 (Ubuntu)
Status: New => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launch
All the packages seem to be built against the correct bootloaders.
There is not much else that can be done to verify these until they are
released and daily images are built.
** Tags removed: verification-needed verification-needed-noble
** Tags added: verification-done verification-done-noble
-
** Description changed:
[Impact]
- There is a newer GRUB in Noble than cd-boot-images-* contains.
+ There is a newer GRUB and U-Boot (for risc-v) in Noble than cd-boot-images-*
contains.
These intermediate packages were finally removed in plucky, but
unfortunately this manual step will b
** Description changed:
+ [Impact]
There is a newer GRUB in Noble than cd-boot-images-* contains.
These intermediate packages were finally removed in plucky, but
unfortunately this manual step will be required in >=Jammy and https://bugs.launchpad.net/bugs/2096766
Title:
Update cd-boot
Cannot file proper MPs because repos under ~ubuntu-core-dev do not
currently have *-noble branchs:
https://code.launchpad.net/~mkukri/ubuntu/+source/cd-boot-images-
amd64/+git/cd-boot-images-amd64/+ref/amd64-noble/
https://code.launchpad.net/~mkukri/ubuntu/+source/cd-boot-images-
arm64/+git/cd-bo
Public bug reported:
There is a newer GRUB in Noble than cd-boot-images-* contains.
These intermediate packages were finally removed in plucky, but
unfortunately this manual step will be required in >=Jammy and https://bugs.launchpad.net/bugs/2096766
Title:
Update cd-boot-images-* for Noble 24
Hello,
Can you please provide a step-by-step (written) reproducer, and
preferably on a freely available virtual machine such as QEMU?
** Changed in: grub2 (Ubuntu)
Status: Confirmed => Incomplete
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subs
This only affects noble so tagging as such.
** Also affects: grub2 (Ubuntu Noble)
Importance: Undecided
Status: New
** Changed in: grub2 (Ubuntu)
Status: New => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ub
@hectorcao does this still need SRUd to Noble?
** Changed in: grub2-signed (Ubuntu)
Status: New => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2069232
Title:
Missing measureme
Also fixed by https://launchpad.net/ubuntu/+source/fdroidserver/2.3.4-2.
Closing.
** Changed in: fdroidserver (Ubuntu)
Status: New => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/
** Patch added: "fdroidserver_2.3.4-1ubuntu1.diff"
https://bugs.launchpad.net/ubuntu/+source/fdroidserver/+bug/2091708/+attachment/5844773/+files/fdroidserver_2.3.4-1ubuntu1.diff
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
http
Public bug reported:
https://objectstorage.prodstack5.canonical.com/swift/v1/AUTH_0f9aae918d5b4744bf7b827671c86842/autopkgtest-
plucky/plucky/amd64/f/fdroidserver/20241213_032347_74719@/log.gz
** Affects: fdroidserver (Ubuntu)
Importance: Undecided
Status: New
--
You received this
unsigned (Ubuntu)
Assignee: (unassigned) => Mate Kukri (mkukri)
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2086843
Title:
Grub creates spurious entries in the menu
To manage notifications abo
Thanks Sebastian!
** Tags removed: foundations-todo verification-needed-focal
** Tags added: cfoundations-todo verification-done verification-done-focal
** Tags removed: cfoundations-todo
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubunt
@sebwey, Would you be able to test the Focal package as well please?
It's the same binary, so this is unfortunately just a box ticking
exercise but SRU policy doesn't cover this corner case.
In particular it is this build we are talking about here
https://launchpad.net/~ubuntu-uefi-team/+archive/u
Fix for freedombox, transitioning it to the pyca/cryptography API. It
is a native package so the patch is ugly.
** Patch added: "freedombox_24.24ubuntu1.diff"
https://bugs.launchpad.net/ubuntu/+source/freedombox/+bug/2074186/+attachment/5843137/+files/freedombox_24.24ubuntu1.diff
--
You rec
Same tests that are failing in the autopkgtest are seemingly ran at
build time as well and that passed.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2074186
Title:
pyopenssl: removed API breaks var
** Also affects: freedombox (Ubuntu)
Importance: Undecided
Status: New
** Summary changed:
- pyopenssl: removed API breaks python-oauth2client
+ pyopenssl: removed API breaks various programs
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subsc
juliank says on IRC that this is likely caused by:
> env $ucf_env ucf --three-way --debconf-ok
> --sum-file=/usr/share/grub/default/grub.md5sum "$tmp_default_grub"
> /etc/default/grub
It seems like something has deleted an internal UCF tempfile while the
upgrade was running.
--
You received th
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2085713
Title:
package grub-pc 2.12-5ubuntu5 failed to install/upgrade: installed
grub-pc package post-installation script subprocess returned error
Hi Robert,
This is on the ubuntu-sru team at this point. I have tried bugging them
about this upload, but it has not been accepted into the proposed pocket
yet...
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.
If Windows wasn't present at Ubuntu installation time, you need to
manually enable os-prober in /etc/default/grub and then run update-grub.
Either way this bug isn't about that.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://
Verified using juliank's script
** Tags removed: verification-needed verification-needed-noble
** Tags added: verification-done verification-done-noble
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/20
I think tpm_log_event is actually what I meant :)
Log is convincing that "Volume Full" errors are coming from TPM related
operations.
The solution, I'm 95% sure, will be my shim PR linked above.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed t
Hey just letting you that 2.06-2ubuntu7.1 is outdated and isnt actually
used to build jammy production GRUBs for UEFI.
Jammy production GRUBs for UEFI are actually built from the kinetic-
unsigned branch. The next one in the archive will be the
2.06-2ubuntu14.6 upload, and it should be used.
For
Hello,
It would be much appreciated if anyone affeceted could test the GRUB for jammy
in this PPA:
https://launchpad.net/~ubuntu-uefi-team/+archive/ubuntu/proposed-public
It is also in the unapproved SRU queue for Jammy and Focal, but I have
extreme difficulty with convincing people to touch GRU
For context
https://bugs.launchpad.net/ubuntu/+source/grub2-unsigned/+bug/2043084
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2028891
Title:
HTTP boot grub issue
To manage notifications about thi
Hi Loic,
There was a HTTP boot issue in old GRUBs that the ubuntu14.5 SRU would
have fixed that haven't got through.
(This also affects focal due to using the same GRUB).
It would be much appreciated if you could test the GRUB for jammy in this PPA:
https://launchpad.net/~ubuntu-uefi-team/+archi
Plucky images are now built without the use of cd-boot-images. We should
remove these packages from the archive.
** Changed in: debian-cd (Ubuntu)
Status: New => Fix Released
** Summary changed:
- Removal of cd-boot-images-* from Ubuntu
+ Please remove cd-boot-images-* from plucky
** Cha
@Pedro Avalos
if you could run `mokutil --set-verbosity` true then boot again to see
if the verbose log really includes tpm_measure_variable stuff, that
would be nice.
But i am 99% sure it's that, we havent seen the UEFI varstore proper
fill up on modern systems in a long time.
--
You received
This isn't about UEFI variables filling up, but the TPM event log. This
is due to OEMs limiting the size of it too much...
When the following gets merged, these should at least boot
https://github.com/rhboot/shim/pull/657
Making them have a correct event log is obviously not possible but it
shoul
** Changed in: fwupd-efi (Ubuntu)
Status: Triaged => Invalid
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2011819
Title:
fwupd-efi/1:1.2-3ubuntu0.2 fwupd-signed/1.51~18.04.1 signing request
Public bug reported:
Update to fwupd-efi 1:1.7-1.
** Affects: fwupd-efi (Ubuntu)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2088429
Title:
Update
@avamander The idea is to discourage the use of GRUB unlocked FDE and
use the standard Ubuntu setup where the initrd unlocks the encrypted
partition, which absolutely does support LUKS2 and any KDF supported by
it.
The reason luks is still in GRUB is to not break legacy setups, not due
to GRUB cry
> grub-install: warning: Cannot set EFI variable Boot.
> grub-install: warning: efivarfs_set_variable: writing to fd 8 failed:
> Input/output error.
> grub-install: warning: _efi_set_variable_mode: ops->set_variable() failed:
> Input/output error.
This is usually caused by the firmware repor
See MP https://code.launchpad.net/~mkukri/debian-
cd/+git/ubuntu/+merge/476337
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2086841
Title:
Removal of cd-boot-images-* from Ubuntu
To manage notific
This was just me unknowingly `strip`-ing a binary that shouldn't be
`strip`-ed... Rejecting as Invalid
** Changed in: grub2 (Ubuntu)
Status: In Progress => Invalid
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.la
1 - 100 of 926 matches
Mail list logo
