[Bug 1474541] Re: sbsigntool broken by update to openssl 1.0.2c
Launchpad Bug Tracker
1474541 at bugs.launchpad.net
Wed Jul 15 16:12:50 UTC 2015
** Branch linked: lp:~ubuntu-branches/ubuntu/wily/sbsigntool/wily-
proposed
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to openssl in Ubuntu.
https://bugs.launchpad.net/bugs/1474541
Title:
sbsigntool broken by update to openssl 1.0.2c
Status in openssl package in Ubuntu:
Invalid
Status in sbsigntool package in Ubuntu:
In Progress
Status in openssl source package in Wily:
Invalid
Status in sbsigntool source package in Wily:
In Progress
Bug description:
An upload of shim-signed with no source changes is now failing to
build in wily, because sbverify fails:
sbverify --cert MicCorUEFCA2011_2011-06-27.crt shim.efi.signed
warning: data remaining[1170360 vs 1289424]: gaps between PE/COFF sections?
PKCS7 verification failed
139919811188368:error:21075075:PKCS7 routines:PKCS7_verify:certificate verify error:pk7_smime.c:328:Verify error:unable to get issuer certificate
Signature verification failed
(https://launchpad.net/ubuntu/+source/shim-signed/1.10/+build/7652431)
The package builds successfully on vivid but fails on wily.
sbsigntool has not changed since vivid. Upgrading to the wily version
of libssl1.0.0 in a vivid chroot reproduces the failure.
I'm not sure if this is a regression in libssl1.0.0 or a bug in
sbsigntool.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1474541/+subscriptions
More information about the foundations-bugs
mailing list