edk2 - Debian Package Tracker

general

source: edk2 (main)
version: 2023.05-2
maintainer: Debian QEMU Team (archive) (DMD)
uploaders: Steve Langasek [DMD] – dann frazier [DMD] – Serge Hallyn [DMD]
arch: all
std-ver: 4.5.0
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

o-o-stable: 0~20181115.85588389-3+deb10u3
o-o-bpo: 2020.05-3~bpo+1
oldstable: 2020.11-2+deb11u1
stable: 2022.11-6
testing: 2023.05-2
unstable: 2023.05-2
exp: 2023.08-1

versioned links

0~20181115.85588389-3+deb10u3: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2020.05-3~bpo+1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2020.11-2+deb11u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2022.11-6: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2023.05-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2023.05-2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2023.08-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

efi-shell-aa64
efi-shell-arm
efi-shell-ia32
efi-shell-x64
ovmf (5 bugs: 0, 4, 1, 0)
ovmf-ia32 (2 bugs: 0, 2, 0, 0)
qemu-efi-aarch64
qemu-efi-arm

action needed

1 security issue in trixie high

There is 1 open security issue in trixie.

1 important issue:

CVE-2021-38576: A BIOS bug in firmware for a particular PC model leaves the Platform authorization value empty. This can be used to permanently brick the TPM in multiple ways, as well as to non-permanently DoS the system.

Created: 2023-06-11 Last update: 2023-09-26 06:59

1 security issue in sid high

There is 1 open security issue in sid.

1 important issue:

CVE-2021-38576: A BIOS bug in firmware for a particular PC model leaves the Platform authorization value empty. This can be used to permanently brick the TPM in multiple ways, as well as to non-permanently DoS the system.

Created: 2022-07-04 Last update: 2023-09-26 06:59

2 bugs tagged patch in the BTS normal

The BTS contains patches fixing 2 bugs, consider including or untagging them.

Created: 2023-09-13 Last update: 2023-12-05 15:31

Fails to build during reproducibility testing normal

A package building reproducibly enables third parties to verify that the source matches the distributed binaries. It has been identified that this source package produced different results, failed to build or had other issues in a test environment. Please read about how to improve the situation!

Created: 2023-07-28 Last update: 2023-12-05 15:05

Depends on packages which need a new maintainer normal

The packages that edk2 depends on which need a new maintainer are:

mtools (#1042948)
- Build-Depends: mtools

Created: 2023-08-03 Last update: 2023-12-05 14:34

version in VCS is newer than in repository, is it time to upload? normal

vcswatch reports that this package seems to have a new changelog entry (version 2023.08-2, distribution UNRELEASED) and new commits in its VCS. You should consider whether it's time to make an upload.

Here are the relevant commit messages:

commit 95faf9650e6d0f4f5933c7e1870e66bae4b56850
Author: dann frazier <dannf@debian.org>
Date:   Sun Oct 29 19:10:32 2023 -0600

    ovmf/qemu-efi-*: Add a Suggests for the appropriate QEMU system package.

commit b6b8ea62deb638c20509211306ba9dd3e76a7c91
Author: dann frazier <dannf@debian.org>
Date:   Sun Oct 29 19:07:04 2023 -0600

    qemu-efi-riscv64: Add a README.Debian, thanks to Heinrich Schuchardt.
    
    Closes: #1054651.

Created: 2023-10-30 Last update: 2023-12-01 18:09

lintian reports 106 warnings normal

Lintian reports 106 warnings about this package. You should make the package lintian clean getting rid of them.

Created: 2023-07-23 Last update: 2023-07-23 12:02

Multiarch hinter reports 4 issue(s) low

There are issues with the multiarch metadata for this package.

efi-shell-aa64 could be marked Multi-Arch: foreign
efi-shell-arm could be marked Multi-Arch: foreign
efi-shell-ia32 could be marked Multi-Arch: foreign
efi-shell-x64 could be marked Multi-Arch: foreign

Created: 2023-07-26 Last update: 2023-12-05 11:14

4 low-priority security issues in bullseye low

There are 4 open security issues in bullseye.

4 issues left for the package maintainer to handle:

CVE-2021-28216: (needs triaging) BootPerformanceTable pointer is read from an NVRAM variable in PEI. Recommend setting PcdFirmwarePerformanceDataTableS3Support to FALSE.
CVE-2021-38575: (needs triaging) NetworkPkg/IScsiDxe has remotely exploitable buffer overflows.
CVE-2021-38576: (needs triaging) A BIOS bug in firmware for a particular PC model leaves the Platform authorization value empty. This can be used to permanently brick the TPM in multiple ways, as well as to non-permanently DoS the system.
CVE-2021-38578: (needs triaging) Existing CommBuffer checks in SmmEntryPoint will not catch underflow when computing BufferSize.

You can find information about how to handle these issues in the security team's documentation.

Created: 2022-07-04 Last update: 2023-09-26 06:59

1 low-priority security issue in bookworm low

There is 1 open security issue in bookworm.

1 issue left for the package maintainer to handle:

CVE-2021-38576: (needs triaging) A BIOS bug in firmware for a particular PC model leaves the Platform authorization value empty. This can be used to permanently brick the TPM in multiple ways, as well as to non-permanently DoS the system.

You can find information about how to handle this issue in the security team's documentation.

Created: 2023-06-10 Last update: 2023-09-26 06:59

debian/patches: 2 patches to forward upstream low

Among the 5 debian patches available in version 2023.05-2 of the package, we noticed the following issues:

2 patches where the metadata indicates that the patch has not yet been forwarded upstream. You should either forward the patch upstream or update the metadata to document its real status.

Created: 2023-02-26 Last update: 2023-09-24 08:10

Standards version of the package is outdated. wishlist

The package should be updated to follow the last version of Debian Policy (Standards-Version 4.6.2 instead of 4.5.0).

Created: 2020-11-17 Last update: 2023-09-24 00:59

news

[rss feed]

[2023-10-26] Accepted edk2 2023.08-1 (source all) into experimental (Debian FTP Masters) (signed by: dann frazier)
[2023-09-26] edk2 2023.05-2 MIGRATED to testing (Debian testing watch)
[2023-09-23] Accepted edk2 2023.05-2 (source) into unstable (dann frazier)
[2023-07-25] edk2 2023.05-1 MIGRATED to testing (Debian testing watch)
[2023-07-22] Accepted edk2 2023.05-1 (source) into unstable (dann frazier)
[2023-05-22] Accepted edk2 2023.02-2 (source all) into experimental (Debian FTP Masters) (signed by: dann frazier)
[2023-04-10] Accepted edk2 2023.02-1 (source) into experimental (dann frazier)
[2023-03-26] edk2 2022.11-6 MIGRATED to testing (Debian testing watch)
[2023-03-05] Accepted edk2 2022.11-6 (source) into unstable (dann frazier)
[2023-03-02] Accepted edk2 2022.11-5 (source) into unstable (dann frazier)
[2023-02-22] Accepted edk2 2022.11-4 (source) into unstable (dann frazier)
[2023-02-22] Accepted edk2 2022.11-3 (source) into unstable (dann frazier)
[2023-01-01] edk2 2022.11-2 MIGRATED to testing (Debian testing watch)
[2022-12-29] Accepted edk2 2022.11-2 (source) into unstable (dann frazier)
[2022-11-28] edk2 2022.11-1 MIGRATED to testing (Debian testing watch)
[2022-11-25] Accepted edk2 2022.11-1 (source) into unstable (dann frazier)
[2022-09-14] edk2 2022.08-1 MIGRATED to testing (Debian testing watch)
[2022-09-12] Accepted edk2 2022.08-1 (source) into unstable (dann frazier)
[2022-09-09] edk2 2022.05-4 MIGRATED to testing (Debian testing watch)
[2022-09-09] edk2 2022.05-4 MIGRATED to testing (Debian testing watch)
[2022-09-07] Accepted edk2 2022.05-4 (source) into unstable (dann frazier)
[2022-09-06] Accepted edk2 2022.05-3 (source) into unstable (dann frazier)
[2022-06-09] edk2 2022.05-2 MIGRATED to testing (Debian testing watch)
[2022-06-07] Accepted edk2 2022.05-2 (source) into unstable (dann frazier)
[2022-06-05] edk2 2022.05-1 MIGRATED to testing (Debian testing watch)
[2022-06-03] Accepted edk2 2022.05-1 (source) into unstable (dann frazier)
[2022-05-20] edk2 2022.05~rc1-1 MIGRATED to testing (Debian testing watch)
[2022-05-17] Accepted edk2 2022.05~rc1-1 (source) into unstable (dann frazier)
[2022-03-31] edk2 2022.02-3 MIGRATED to testing (Debian testing watch)
[2022-03-28] Accepted edk2 2022.02-3 (source) into unstable (dann frazier)

bugs [bug history graph]

all: 18
RC: 0
I&N: 9
M&W: 8
F&P: 1
patch: 2

links

homepage
lintian (0, 106)
buildd: logs, exp, reproducibility
popcon
browse source code
edit tags
other distros
security tracker
debian patches
debci

ubuntu

[Information about Ubuntu for Debian Developers]

version: 2023.05-2
14 bugs (1 patch)