[Bug 1687131] Re: [MIR] ubuntu-image
Steve Langasek
steve.langasek at canonical.com
Sat Apr 29 00:10:37 UTC 2017
I am pre-promoting these packages in order to unblock migration of
livecd-rootfs and automated image building for artful.
** Description changed:
livecd-rootfs now depends on ubuntu-image, which therefore should be
promoted to main.
ubuntu-image is maintained by the Ubuntu Foundations team as upstream.
The package already has an SRU exception,
<https://wiki.ubuntu.com/UbuntuImageUpdates>, and is kept in sync across
stable releases from 16.04 on as well as being available as a snap.
autopkgtests and upstream CI are in place for this package.
foundations-bugs is subscribed to the package and there is no CVE
history. The software interacts with local files as a non-privileged
user and presents a narrow security attack surface. It delegates
security-sensitive operations (cryptographic verification, etc) to 'snap
prepare-image' from the snapd package, already in main.
+
+ ubuntu-image also pulls in pyparted as a dependency. pyparted is a thin
+ wrapper around libparted, already in main. It is in sync with Debian
+ from 14.04 on and has no open bug reports in Debian; the only bug
+ reports open in Ubuntu are those reported by the ubuntu-image team.
+ Upstream project: https://github.com/rhinstaller/pyparted no major
+ issues open upstream.
+
+ No security issues reported at http://cve.mitre.org/cgi-
+ bin/cvekey.cgi?keyword=pyparted or http://people.canonical.com/~ubuntu-
+ security/cve/universe.html
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to ubuntu-image in Ubuntu.
https://bugs.launchpad.net/bugs/1687131
Title:
[MIR] ubuntu-image
Status in pyparted package in Ubuntu:
New
Status in ubuntu-image package in Ubuntu:
New
Bug description:
livecd-rootfs now depends on ubuntu-image, which therefore should be
promoted to main.
ubuntu-image is maintained by the Ubuntu Foundations team as upstream.
The package already has an SRU exception,
<https://wiki.ubuntu.com/UbuntuImageUpdates>, and is kept in sync
across stable releases from 16.04 on as well as being available as a
snap.
autopkgtests and upstream CI are in place for this package.
foundations-bugs is subscribed to the package and there is no CVE
history. The software interacts with local files as a non-privileged
user and presents a narrow security attack surface. It delegates
security-sensitive operations (cryptographic verification, etc) to
'snap prepare-image' from the snapd package, already in main.
ubuntu-image also pulls in pyparted as a dependency. pyparted is a
thin wrapper around libparted, already in main. It is in sync with
Debian from 14.04 on and has no open bug reports in Debian; the only
bug reports open in Ubuntu are those reported by the ubuntu-image
team. Upstream project: https://github.com/rhinstaller/pyparted no
major issues open upstream.
No security issues reported at http://cve.mitre.org/cgi-
bin/cvekey.cgi?keyword=pyparted or http://people.canonical.com
/~ubuntu-security/cve/universe.html
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/pyparted/+bug/1687131/+subscriptions
More information about the foundations-bugs
mailing list