1. Forum
  2. Usenet
  3. LINUX.DEBIAN.BUGS.DIST

  • Bug#1109025: firmware-b43-installer: firmware download fails due to bro

    From Simon Josefsson@21:1/5 to Mathias Gibbens on Thu Jul 10 10:30:01 2025
    Mathias Gibbens <[email protected]> writes:

    control: tags -1 + confirmed patch

    I disagree that this is a policy violation; the cause of error is
    clearly reported. Not sure how the script could be more resilient when
    a remote resource has disappeared:

    I tend to agree -- the package is in contrib, which I think are entitled
    to do "bad" things like downloading executables from the Internet and
    use them?

    broadcom-wl-6.30.163.46.tar.bz2: FAILED
    sha512sum: WARNING: 1 computed checksum did NOT match
    /var/lib/dpkg/info/firmware-b43-installer.postinst: Downloaded
    firmware did not match known SHA512 checksum, aborting.
    dpkg: error processing package firmware-b43-installer (--configure):
    installed firmware-b43-installer package post-installation script subprocess returned error exit status 1

    I did find a mirror of the files on GitHub at https://github.com/minios-linux/b43-firmware/releases with matching
    SHA512 sums. I think an easy fix would be to point the install script
    to GitHub, which is probably more reliable long-term.

    Are these blobs distributable? I suppose not. Maybe having a list of
    known URLs and have the client try all of them would be more reliable.
    It may become a cat and mouse chase.

    /Simon

    -----BEGIN PGP SIGNATURE-----

    iQNoBAEWCgMQFiEEo8ychwudMQq61M8vUXIrCP5HRaIFAmhvcWYUHHNpbW9uQGpv c2Vmc3Nvbi5vcmfCHCYAmDMEXJLOtBYJKwYBBAHaRw8BAQdACIcrZIvhrxDBkK9f V+QlTmXxo2naObDuGtw58YaxlOu0JVNpbW9uIEpvc2Vmc3NvbiA8c2ltb25Aam9z ZWZzc29uLm9yZz6IlgQTFggAPgIbAwULCQgHAgYVCAkKCwIEFgIDAQIeAQIXgBYh BLHSvRN1vst4TPT4xNc89jjFPAa+BQJn0XQkBQkNZGbwAAoJENc89jjFPAa+BtIA /iR73CfBurG9y8pASh3cbGOMHpDZfMAtosu6jbpO69GHAP4p7l57d+iVty2VQMsx +3TCSAvZkpr4P/FuTzZ8JZe8BrgzBFySz4EWCSsGAQQB2kcPAQEHQOxTCIOaeXAx I2hIX4HK9bQTpNVei708oNr1Klm8qCGKiPUEGBYIACYCGwIWIQSx0r0Tdb7LeEz0 +MTXPPY4xTwGvgUCZ9F0SgUJDWRmSQCBdiAEGRYIAB0WIQSjzJyHC50xCrrUzy9R cisI/kdFogUCXJLPgQAKCRBRcisI/kdFoqdMAQCgH45aseZgIrwKOvUOA9QfsmeE 8GZHYNuFHmM9FEQS6AD6A4x5aYvoY6lo98pgtw2HPDhmcCXFItjXCrV4A0GmJA4J ENc89jjFPAa+wUUBAO64fbZek6FPlRK0DrlWsrjCXuLi6PUxyzCAY6lG2nhUAQC6 qobB9mkZlZ0qihy1x4JRtflqFcqqT9n7iUZkCDIiDbg4BFySz2oSCisGAQQBl1UB BQEBB0AxlRumDW6nZY7A+VCfek9VpEx6PJmdJyYPt3lNHMd6HAMBCAeIfgQYFggA JgIbDBYhBLHSvRN1vst4TPT4xNc89jjFPAa+BQJn0XTSBQkNZGboAAoJENc89jjF PAa+0M0BAPPRq73kLnHYNDMniVBOzUdi2XeF32idjEWWfjvyIJUOAP4wZ+ALxIeh is3Uw2BzGZE6ttXQ2Q+DeCJO3TPpIqaXDAAKCRBRcisI/kdFoi6xAP4/wPikSSR7 zHs3caXfjBTPnYzgIxWBDciMZ1nuUAx+BwEA/1n/WKg1V0mmc53FlZ4vPC+XbyVo PMPMR8Nxk+9z1Qk=
    =Pwb0
    -----END PGP SIGNATURE-----

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Mathias Gibbens@21:1/5 to Simon Josefsson on Thu Jul 10 11:40:01 2025
    On Thu, 2025-07-10 at 09:53 +0200, Simon Josefsson wrote:
    I tend to agree -- the package is in contrib, which I think are entitled
    to do "bad" things like downloading executables from the Internet and
    use them?

    Correct; the package source itself is DFSG, but it depends on non-
    free binary blobs which is why it's in contrib.


    Are these blobs distributable?  I suppose not.  Maybe having a list of known URLs and have the client try all of them would be more reliable.
    It may become a cat and mouse chase.

    I also have doubts about redistributabilty of the binary firmware
    itself. I couldn't find any license/readme either on the GitHub mirror
    or using the Wayback Machine to look at the original download site. In
    theory requiring the user to download each time via the postinst script
    works around it, at least from Debian's end, but I don't know about the
    site(s) that are actually hosting the firmware.

    This package has been orphaned for over a decade now, which is
    certainly less than ideal.

    Mathias

    -----BEGIN PGP SIGNATURE-----

    iQIzBAABCgAdFiEE1Bp60H32xfynSJ8cKe7i1uz0QvkFAmhviOQACgkQKe7i1uz0 QvmEMg/+PfhqGCFxJJwWg1UTiZdEV6VPj6G9R0G6Gvrl5vhB5/s5XWfsgI6jgeuq oufh8MAVAFTdMDI7PE6HkwaUY4sKVgTe10QzMuixtdTRl8woQ/PmfIO5Lv1uaNMG knIeSPrJTRS0vIH8yr8AhimgaJYlElZhZsKJBc5tMba/AEQb126yNWN4Ib1bwtV6 a1FQcP6vB+8o3y62bATmM8iTxHUbW96Qaet/NcPyfsP6QDC5c8IzB04KSvPfLf5s WvRbe+p8bE190ckQMPT1WmHK/Pf9xzWOEYNQyriYZ25t2SjtNdv7o6GPnE9S0Wwz 7PPGc5+/lnL7rpZkMmVtx8tzxb/kaNEQUAixpnSu4BWxp5g5VoX0+uO92mo0Uf48 9ZP8sqs18b6pgHePXBELgBvIbNJahm9EmcLyDb5+DkJE95q7y1QI/EHzBCeU9kK4 3r2OmZ125tFXL7bbAUSGyspiowyJWT+F1dq7IARqH6PMesoaN2lR8w21TVXd0Xec Asb6sric9MM5GHxbSdjGTETZAHcDlVrA5LJbCf/DZfoSoiF0+XZNu9aNaCZ298Gr gBe2tgyFORkT/b4bsuEAy9nS4+cZaZmF+YagHIdA3/sfqiVwZWyQC6g37CcxSJz6 iTnl/RalAq+864rtqlzQGN5PegIleV2aRYPj0+fPXcp/reewp7w=
    =jSNJ
    -----END PGP SIGNATURE-----

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From John Crawley@21:1/5 to All on Mon Jul 14 04:50:01 2025
    This bug report has been tagged "patch" but there seems to be no patch available.

    --
    John

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Mathias Gibbens@21:1/5 to [email protected] on Mon Jul 14 08:00:01 2025
    On Mon, 14 Jul 2025 11:28:38 +0900 John Crawley <[email protected]> wrote:
    This bug report has been tagged "patch" but there seems to be no patch available.

    I tagged with patch because I think the fix is just a one line change
    in the postinst script:

    diff --git a/debian/firmware-b43-installer.postinst b/debian/firmware-b43-installer.postinst
    index f287e3e..6de631c 100644
    --- a/debian/firmware-b43-installer.postinst
    +++ b/debian/firmware-b43-installer.postinst
    @@ -19,7 +19,7 @@ fi

    DOWNLOAD="${BROADCOM_WL}.tar.bz2"

    -URL="https://www.lwfinger.com/b43-firmware/${DOWNLOAD}" +URL="https://github.com/minios-linux/b43-firmware/releases/download/b43-firmware/${DOWNLOAD}"

    FIRMWARE_INSTALL_DIR="/usr/lib/firmware"


    There's concern about hosting of the firmware files, but that problem pre-dates this issue where the website referenced by the script has disappeared.

    I guess I'll go ahead and prepare an unblock pre-approval request; if
    the RT approves I'll then do a QA upload of this package.

    Mathias

    -----BEGIN PGP SIGNATURE-----

    iQIzBAABCgAdFiEE1Bp60H32xfynSJ8cKe7i1uz0QvkFAmh0mokACgkQKe7i1uz0 QvkOGA//QMqZU1LWpAwSy1TUV60k1GO+Saib10fgqk6qNYACncZJuMAwy3jlFVTT ZzuJ4+LIluHFAAOWxudCAIQC0yX/mK9OnSuUENXAwCdIXVhu/psCVBPDtGLZZtfB ITtia1Q03Xwye/HnEO/TP7oX0Me4SWAMCxC0hM+Su+vKpREKCyUAZ+6TDWPMrXO9 goECI4K3wa/p/pb/yjTMBlc3yJGz9WAPkIODV3FuPBuIQinoNcgqfg6u5jXB9eZo HGv0tanv/COpOKTmgD/0my+EbN+dZ2JgE9c0S4wJTxc9OXF3/50XKgUHY63yW9qv tXed5IKJ0y/BWluJzLDCgXfRzE/sRcZo1hqGd8Cz+TiEUGdgquvgJd5KTTDwPIzA DSjib6SU8wHxRxOmrnQdWWlW3X7Hxezw4VXOIsV1iSaTlEjUinLZTn63SkgCuFkQ VtZhKh+yoWfBe/TpOltiFSMhcrmlXyI+j554tXkXgsNI8pSX7f+6ESJsHcejca0p AO8Jcy+2z0wbvnLLudQSLPIEYoE9viZ5yW4Do6CjLNzNAI4Hz09tvBPp5dqBW7a4 fDX8u5pR0qiVs70FSrm+9FTvk0bX2j7jjOwuiSe7PcGAGzqPn7lmNOT4vxM03Mrf /inC1e2YbO6NbQq3Ee97Cww1FmgS5WvjP57nQg0vY8/PwJgXQYA=
    =XmTv
    -----END PGP SIGNATURE-----

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From John Crawley@21:1/5 to Mathias Gibbens on Mon Jul 14 08:30:01 2025
    On 14/07/2025 14:50, Mathias Gibbens wrote:
    On Mon, 14 Jul 2025 11:28:38 +0900 John Crawley <[email protected]> wrote:
    This bug report has been tagged "patch" but there seems to be no patch available.

    I tagged with patch because I think the fix is just a one line change
    in the postinst script:

    diff --git a/debian/firmware-b43-installer.postinst b/debian/firmware-b43-installer.postinst
    index f287e3e..6de631c 100644
    --- a/debian/firmware-b43-installer.postinst
    +++ b/debian/firmware-b43-installer.postinst
    @@ -19,7 +19,7 @@ fi

    DOWNLOAD="${BROADCOM_WL}.tar.bz2"

    -URL="https://www.lwfinger.com/b43-firmware/${DOWNLOAD}"
    +URL="https://github.com/minios-linux/b43-firmware/releases/download/b43-firmware/${DOWNLOAD}"

    FIRMWARE_INSTALL_DIR="/usr/lib/firmware"


    There's concern about hosting of the firmware files, but that problem pre-dates this issue where the website referenced by the script has disappeared.

    I guess I'll go ahead and prepare an unblock pre-approval request; if
    the RT approves I'll then do a QA upload of this package.

    Mathias

    There still seem to be machines in active use that need that firmware, so an upgrade would be welcome.
    Ofc the firmware itself is in a grey area, but I don't know of any other way to get it.

    --
    John

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)