[Bug 2110302] [NEW] nullboot 0.5.3 SRUs

Mate Kukri 2110302 at bugs.launchpad.net
Fri May 9 12:52:32 UTC 2025 

Public bug reported:

[Impact]
new upstream release; usual vendored dependency updates per Go MIR policy (vendor/ directory is automatically generated by go mod vendor based on go.mod).

Targeted releases: noble, jammy

[Test plan]
* Test suite passes

* Deploy Azure CVM and TPM FDE
* Upgrade to this new package and reboot
* Boot should be successful
* Double check bios_measurements_log to ensure that the newly update shim was used for boot (https://github.com/canonical/tcglog-parser/tree/master/tcglog-dump can be used to extract checksum of the shim binary used at boot and compared to the one shipped in nullboot)

* CPC - build new image with nullboot preinstalled, and attempt to
register and boot such an images as first time.

We have set block-proposed to allow testing in {noble,jammy}-proposed to
be carried out before migration to  release pockets.

[Where problems could occur]
Resealing of Azure CVM machines could fail and they would need to be unlocked with a recovery key.

NOTE: this bug follows precedent set by
https://bugs.launchpad.net/ubuntu/+source/nullboot/+bug/2061754

** Affects: nullboot (Ubuntu)
     Importance: Undecided
         Status: Invalid

** Affects: nullboot (Ubuntu Jammy)
     Importance: Undecided
         Status: New

** Affects: nullboot (Ubuntu Noble)
     Importance: Undecided
         Status: New


** Tags: block-proposed

** Tags added: block-proposed

** Also affects: nullboot (Ubuntu Noble)
   Importance: Undecided
       Status: New

** Also affects: nullboot (Ubuntu Jammy)
   Importance: Undecided
       Status: New

** Changed in: nullboot (Ubuntu)
       Status: New => Invalid

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to nullboot in Ubuntu.
https://bugs.launchpad.net/bugs/2110302

Title:
  nullboot 0.5.3 SRUs

Status in nullboot package in Ubuntu:
  Invalid
Status in nullboot source package in Jammy:
  New
Status in nullboot source package in Noble:
  New

Bug description:
  [Impact]
  new upstream release; usual vendored dependency updates per Go MIR policy (vendor/ directory is automatically generated by go mod vendor based on go.mod).

  Targeted releases: noble, jammy

  [Test plan]
  * Test suite passes

  * Deploy Azure CVM and TPM FDE
  * Upgrade to this new package and reboot
  * Boot should be successful
  * Double check bios_measurements_log to ensure that the newly update shim was used for boot (https://github.com/canonical/tcglog-parser/tree/master/tcglog-dump can be used to extract checksum of the shim binary used at boot and compared to the one shipped in nullboot)

  * CPC - build new image with nullboot preinstalled, and attempt to
  register and boot such an images as first time.

  We have set block-proposed to allow testing in {noble,jammy}-proposed
  to be carried out before migration to  release pockets.

  [Where problems could occur]
  Resealing of Azure CVM machines could fail and they would need to be unlocked with a recovery key.

  NOTE: this bug follows precedent set by
  https://bugs.launchpad.net/ubuntu/+source/nullboot/+bug/2061754

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/nullboot/+bug/2110302/+subscriptions

More information about the foundations-bugs mailing list