[Bug 1867813] Re: [MIR] linux-firmware-raspi2 to restricted

[Christian Ehrhardt ]

>From a glimpse onto the package, I agree this is mostly like the cases
of intel-microcode [1][2] and amd64-microcode [3] but will need a review
still to be sure nothing awkward becomes supported.

@xnox - I'm curious; I'd still want to know if you had talked to doko
before you unassigned him. What was going on (in background), ...?

[1]: https://bugs.launchpad.net/ubuntu/+source/intel-microcode/+bug/1388889
[2]: https://bugs.launchpad.net/ubuntu/+source/intel-microcode/+bug/1738272
[3]: https://bugs.launchpad.net/ubuntu/+source/amd64-microcode/+bug/1521174

** Changed in: linux-firmware-raspi2 (Ubuntu)
     Assignee: (unassigned) => Christian Ehrhardt  (paelzer)

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to linux-firmware-raspi2 in
Ubuntu.
https://bugs.launchpad.net/bugs/1867813

Title:
  [MIR] linux-firmware-raspi2 to restricted

Status in linux-firmware-raspi2 package in Ubuntu:
  New

Bug description:
  1. Availability: The package is already available in multiverse and is
  already used on all of our Ubuntu Raspberry Pi images.

  2. Rationale: As mentioned above, the package is already used on all
  of our Ubuntu Raspberry Pi preinstalled images (raspi) - and has been
  used there since the first raspi2 images have been supported. It is
  essentially a mistake that the package is still in multiverse, as we
  should not build images using packages outside of main and restricted.

  3. Security: So far there has been no CVE or any security
  vulnerability reported for our package. Generally the package consists
  of binary blobs coming from the Raspberry Pi foundation.

  4. Quality assurance: The package is easy to test and verify, as this
  is an essential package to the operation of Ubuntu on Raspberry Pi. It
  is maintained by Ubuntu Foundations, along with extensive QA on
  various Pi platforms.

  5. Dependencies: The package has no dependencies (only shipping binary
  blobs).

  6. Standards compliance: The licensing of the binaries is a bit ugly,
  but all the proprietary bits are well documented in debian/copyright.

  7. Maintenance: The package is actively maintained by the Ubuntu
  Foundations team.

  8. Background information:

  As mentioned, this package is already used for all our images, so we
  are already treating it as a package from restricted per-se. So moving
  the package to restricted should only be a formality. All the hosted
  binary blobs are essential to our Ubuntu raspi experience, so we can't
  really do much without them.

  Another important note: this package is not part of any seed right
  now, but instead pulled in via livecd-rootfs directly when building
  raspi images (we'll figure something better for the future).

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux-firmware-raspi2/+bug/1867813/+subscriptions