Public bug reported:
1. Availability: The package is already available in multiverse and is
already used on all of our Ubuntu Raspberry Pi images.
2. Rationale: As mentioned above, the package is already used on all of
our Ubuntu Raspberry Pi preinstalled images (raspi) - and has been used
there since the first raspi2 images have been supported. It is
essentially a mistake that the package is still in multiverse, as we
should not build images using packages outside of main and restricted.
3. Security: So far there has been no CVE or any security vulnerability
reported for our package. Generally the package consists of binary blobs
coming from the Raspberry Pi foundation.
4. Quality assurance: The package is easy to test and verify, as this is
an essential package to the operation of Ubuntu on Raspberry Pi. It is
maintained by Ubuntu Foundations, along with extensive QA on various Pi
platforms.
5. Dependencies: The package has no dependencies (only shipping binary
blobs).
6. Standards compliance: The licensing of the binaries is a bit ugly,
but all the proprietary bits are well documented in debian/copyright.
7. Maintenance: The package is actively maintained by the Ubuntu
Foundations team.
8. Background information:
As mentioned, this package is already used for all our images, so we are
already treating it as a package from restricted per-se. So moving the
package to restricted should only be a formality. All the hosted binary
blobs are essential to our Ubuntu raspi experience, so we can't really
do much without them.
Another important note: this package is not part of any seed right now,
but instead pulled in via livecd-rootfs directly when building raspi
images (we'll figure something better for the future).
** Affects: linux-firmware-raspi2 (Ubuntu)
Importance: High
Status: New
** Description changed:
1. Availability: The package is already available in multiverse and is
already used on all of our Ubuntu Raspberry Pi images.
2. Rationale: As mentioned above, the package is already used on all of
our Ubuntu Raspberry Pi preinstalled images (raspi) - and has been used
there since the first raspi2 images have been supported. It is
essentially a mistake that the package is still in multiverse, as we
should not build images using packages outside of main and restricted.
3. Security: So far there has been no CVE or any security vulnerability
reported for our package. Generally the package consists of binary blobs
coming from the Raspberry Pi foundation.
4. Quality assurance: The package is easy to test and verify, as this is
an essential package to the operation of Ubuntu on Raspberry Pi. It is
maintained by Ubuntu Foundations, along with extensive QA on various Pi
platforms.
5. Dependencies: The package has no dependencies (only shipping binary
blobs).
6. Standards compliance: The licensing of the binaries is a bit ugly,
but all the proprietary bits are well documented in debian/copyright.
7. Maintenance: The package is actively maintained by the Ubuntu
Foundations team.
8. Background information:
As mentioned, this package is already used for all our images, so we are
already treating it as a package from restricted per-se. So moving the
package to restricted should only be a formality. All the hosted binary
blobs are essential to our Ubuntu raspi experience, so we can't really
do much without them.
+
+ Another important note: this package is not part of any seed right now,
+ but instead pulled in via livecd-rootfs directly when building raspi
+ images (we'll figure something better for the future).
** Changed in: linux-firmware-raspi2 (Ubuntu)
Importance: Undecided => High
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1867813
Title:
[MIR] linux-firmware-raspi2 to restricted
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux-firmware-raspi2/+bug/1867813/+subscriptions
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
