Debian Patches
Status for ukiboot/0.2.1+git20260604.ec869c7-4
| Patch | Description | Author | Forwarded | Bugs | Origin | Last update |
|---|---|---|---|---|---|---|
| 0001-pe_parser_posix-use-OpenSSL-ASN1_STRING-accessors.patch | pe_parser_posix: use OpenSSL ASN1_STRING accessors OpenSSL now treats ASN1_OCTET_STRING / struct asn1_string_st as opaque and users can no longer access the data and length fields directly. Replace direct field access with ASN1_STRING_get0_data() and ASN1_STRING_length() when reading PKCS#7 authenticated attributes, encrypted digests and SpcIndirectDataContent. Also make the PKCS7_digest_from_attributes() result const to match the OpenSSL API return type and avoid the discarded-qualifier warning. |
Christopher Obbard <obbardc@debian.org> | yes | 2026-06-21 | ||
| 0002-efi-link-against-gnu-efi-local-lds-crt0-for-objcopy-.patch | efi: link against gnu-efi -local lds/crt0 for objcopy -O binary On architectures where objcopy cannot emit PE/COFF directly (e.g. RISC-V) the EFI binary is produced with 'objcopy -O binary'. That only yields a valid image if the crt0 embeds the PE/COFF header. The regular gnu-efi crt0-efi-riscv64.o carries no header (unlike crt0-efi-arm.o) so the resultant file has no MZ/DOS magic and the subsequent pefile NX-flag step in generate_binary.py fails with "DOS Header magic not found". gnu-efi ships dedicated '-local' lds and crt0 variants (elf_riscv64_efi_local.lds, crt0-efi-riscv64-local.o) that embed the PE/COFF header for precisely this case. Select them whenever the '-O binary' path is used and they are available; architectures without '-local' variants (e.g. arm, whose regular crt0 already has the header) keep using the regular files. |
Christopher Obbard <obbardc@debian.org> | yes | 2026-06-28 |
All known versions for source package 'ukiboot'
- 0.2.1+git20260604.ec869c7-4 (sid, forky)
