[Group.of.nepali.translators] [Bug 1848828] Re: report packages from security pocket
The Eoan Ermine has reached end of life, so this bug will not be fixed for that release ** Changed in: landscape-client (Ubuntu Eoan) Status: In Progress => Won't Fix -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1848828 Title: report packages from security pocket Status in landscape-client package in Ubuntu: In Progress Status in landscape-client source package in Xenial: In Progress Status in landscape-client source package in Bionic: In Progress Status in landscape-client source package in Disco: Won't Fix Status in landscape-client source package in Eoan: Won't Fix Status in landscape-client source package in Focal: In Progress Bug description: [Impact] I report this bug to add the necessary bit into lds-client for all affected/supported releases. [Test Case] * One must use Landscape server on-prem (version >=19.01) or hosted which already contain the necessary server side change. * Install landscape-client. * Successfully register a client against Landscape server. * Security updates will only rely on USN notices and could possibly ignore other packages found in -security pocket even if they are there simply by the fact that there was no USN notice specific for them. (e.g. systemd has an USN, systemd get updated but its derived systemd binary packages aren't updated) [Regression Potential] * The patch flags potential security updates by matching the pocket name. The server then does additional package selection from that info. If the pocket matching were to break, security updates would continue as it was previously. * False positive matching could be possible, assuming one builds a mirror which mimics security pockets and contains normal updates. In that case, landscape could mistakenly update as if they were security updates. * Landscape may apply security updates without USN data, if the update comes from a security pocket. Since this matches the behaviour of unattended-upgrades and MOTD info, this may be closer to what users expect, even though this is a change of behaviour. [Other Info] * Upstream details: https://github.com/CanonicalLtd/landscape-client/commit/93a3b47965da199785e9b3d226cb61f721e54196 https://github.com/CanonicalLtd/landscape-client/pull/57 https://github.com/CanonicalLtd/landscape-client/pull/70 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/landscape-client/+bug/1848828/+subscriptions ___ Mailing list: https://launchpad.net/~group.of.nepali.translators Post to : group.of.nepali.translators@lists.launchpad.net Unsubscribe : https://launchpad.net/~group.of.nepali.translators More help : https://help.launchpad.net/ListHelp
[Group.of.nepali.translators] [Bug 1848828] Re: report packages from security pocket
** Changed in: landscape-client (Ubuntu Disco) Status: In Progress => Won't Fix -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1848828 Title: report packages from security pocket Status in landscape-client package in Ubuntu: In Progress Status in landscape-client source package in Xenial: In Progress Status in landscape-client source package in Bionic: In Progress Status in landscape-client source package in Disco: Won't Fix Status in landscape-client source package in Eoan: In Progress Status in landscape-client source package in Focal: In Progress Bug description: [Impact] I report this bug to add the necessary bit into lds-client for all affected/supported releases. [Test Case] * One must use Landscape server on-prem (version >=19.01) or hosted which already contain the necessary server side change. * Install landscape-client. * Successfully register a client against Landscape server. * Security updates will only rely on USN notices and could possibly ignore other packages found in -security pocket even if they are there simply by the fact that there was no USN notice specific for them. (e.g. systemd has an USN, systemd get updated but its derived systemd binary packages aren't updated) [Regression Potential] * The patch flags potential security updates by matching the pocket name. The server then does additional package selection from that info. If the pocket matching were to break, security updates would continue as it was previously. * False positive matching could be possible, assuming one builds a mirror which mimics security pockets and contains normal updates. In that case, landscape could mistakenly update as if they were security updates. * Landscape may apply security updates without USN data, if the update comes from a security pocket. Since this matches the behaviour of unattended-upgrades and MOTD info, this may be closer to what users expect, even though this is a change of behaviour. [Other Info] * Upstream details: https://github.com/CanonicalLtd/landscape-client/commit/93a3b47965da199785e9b3d226cb61f721e54196 https://github.com/CanonicalLtd/landscape-client/pull/57 https://github.com/CanonicalLtd/landscape-client/pull/70 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/landscape-client/+bug/1848828/+subscriptions ___ Mailing list: https://launchpad.net/~group.of.nepali.translators Post to : group.of.nepali.translators@lists.launchpad.net Unsubscribe : https://launchpad.net/~group.of.nepali.translators More help : https://help.launchpad.net/ListHelp
