** Changed in: oem-priority
Status: Triaged => In Progress
** Description changed:
We are going to SRU fwupd 1.7.5 to impish and focal to fix bug LP: #1949412.
With update fwupd, the default config set OnlyTrusted=true
With that, we need update libjcat.
[Impact]
need to
** Description changed:
+ We are going to SRU fwupd 1.7.5 to impish and focal to fix bug LP: #1949412.
With update fwupd, the default config set OnlyTrusted=true
+ With that, we need update libjcat.
+
+
+
The firmware blobs in cabinet archive are presently LVFS signed with gpg
and pkcs7,
libjcat can be de-couple with fwupd SRU. However with the new fwupd, we
need libjcat also to be upgraded, or it will fail with new firmware from
LVFS.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
** Changed in: fwupd (Ubuntu Focal)
Status: Triaged => Invalid
** Changed in: fwupd (Ubuntu Impish)
Status: Triaged => Invalid
** Changed in: fwupd (Ubuntu Jammy)
Status: Fix Released => Invalid
--
You received this bug notification because you are a member of Ubuntu
Bugs,
It works well with libjcat 0.1.4 from comment #7, we need uprev libjcat
as mentioned in the bug description to fulfilling the runtime
dependency.
0.1.4 as a minimum version of libjcat is now required by upstream fwupd,
details at
https://launchpad.net/~ycheng-twn/+archive/ubuntu/libjcat014/+packages
Jcat 0.1.4 focal ppa for testing
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1961864
Title:
fwupd daemon failed verifying
IMO ideally you don't want this coupled with the fwupd SRU with certain
ordering since Jammy already has 0.1.3. 0.1.4 just fixes a bug in
0.1.3.
So I don't think there is a strong requirement on the order of
compilation here, is there? I'd expect just updating libjcat will be
enough:
With newer libjcat installed from given ppa in comment #4, and restarted
the daemon now I can update firmware successfully. Thanks.
$ fwupdmgr --version
runtime org.freedesktop.fwupd 1.7.5
runtime com.dell.libsmbios2.4
compile org.freedesktop.gusb 0.3.4
runtime
I don't have enough knowledge on if this is a bug or not. If this is and
we should upgrade libjcat, I've build it in ppa and please kindly
sponsor to upload it to focal and impish, so we can SRU those with
fwupd.
https://launchpad.net/~ycheng-twn/+archive/ubuntu/fwupd175-3-2-jcat
--
You
** Also affects: fwupd (Ubuntu Focal)
Importance: Undecided
Status: New
** Also affects: libjcat (Ubuntu Focal)
Importance: Undecided
Status: New
** Also affects: fwupd (Ubuntu Impish)
Importance: Undecided
Status: New
** Also affects: libjcat (Ubuntu Impish)
On the machine that test passed for WD19, the output is:
# jcat-tool verify ./firmware.jcat --public-keys /etc/pki/fwupd
package.bin:
FAILED sha1: verifying data is not supported
FAILED sha256: verifying data is not supported
PASSED pkcs7: O=Linux Vendor Firmware Project,CN=LVFS CA
Can you please paste your output from running below?
$ gcab -x
4e3f12fc1901c05790ab17ff2223a79631477aa87979498874c4c262cfafc144-WD19FirmwareUpdateLinux_01.00.21.cab
$ jcat-tool verify ./firmware.jcat --public-keys /etc/pki/fwupd
package.bin:
FAILED sha1: verifying data is not supported
I use WD19SC to upgrade its firmware, and it works fine.
I use fwupd 1.7.5 from this ppa:
https://launchpad.net/~ycheng-twn/+archive/ubuntu/fwupd175-3-2
I didn't upgrade libjcat and it also works fine.
Use get-releases, the cab used is
** Also affects: libjcat (Ubuntu)
Importance: Undecided
Status: New
** Tags added: focal
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1961864
Title:
fwupd daemon failed verifying
** Changed in: oem-priority
Assignee: (unassigned) => Yuan-Chen Cheng (ycheng-twn)
** Changed in: oem-priority
Importance: Undecided => Critical
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
** Description changed:
The firmware blobs in cabinet archive are presently LVFS signed with gpg
and pkcs7, if libjcat at compilation time without one then the blobs
signed with both can't be verified.
Impact is fwupd daemon will fail the firmware install immediately
- because
** Also affects: oem-priority
Importance: Undecided
Status: New
** Tags added: oem-priority
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1961864
Title:
fwupd daemon failed verifying
17 matches
Mail list logo
