Just a heads-up : our automated checking of "pending patches" relied on
the (default) non-human-readable output - which seems to still omit the
ESM patches.
Compare:
```
$ sudo /usr/lib/update-notifier/apt-check --human-readable
UA Infra: Extended Security Maintenance (ESM) is enabled.
11
This bug was fixed in the package update-notifier - 3.192.1.9
---
update-notifier (3.192.1.9) bionic; urgency=medium
* data/apt_check.py: Update UA Infra: ESM product name and doc url
(LP: #1901627)
- data/apt_check.py: Update name and URL
- tests/test_motd.py: adapt
This bug was fixed in the package update-notifier - 3.168.13
---
update-notifier (3.168.13) xenial; urgency=medium
* Fix pep8 autopkgtest failures in the right control file (LP: #1906436)
- d/control: remove pep8 from Build-Depends as no tests run by
override_dh_auto_test
Focal verification complete. security updates from esm security pocket are
properly calculated now.
--- BEGIN focal update-notifier testing
--- Launch cloud-init with ppa:ua-client/proposed enabled
Creating test-sru-focal
Starting test-sru-focal
--- Wait for cloud-init to finish
And finally successful xenial results (which required dropping xenial-
updates and xenial-security from apt sources because those pockets
contain a greater pkg version than what esm currently delivers for
libkrad0.
--- BEGIN xenial update-notifier testing
--- Launch cloud-init with
Per auto-comment #34 autopkg test looked to be an intermittent unrelated
failure, we rekicked the autopkgtest job.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1881632
Title:
esm security updates
Hello Chad, or anyone else affected,
Accepted update-notifier into xenial-proposed. The package will build
now and be available at https://launchpad.net/ubuntu/+source/update-
notifier/3.168.13 in a few hours, and then in the -proposed repository.
Please help us by testing this new package. See
Bionic verification success results here:
--- BEGIN bionic update-notifier testing
--- Launch cloud-init with ppa:ua-client/proposed enabled
Creating test-sru-bionic
Starting test-sru-bionic
--- Wait for cloud-init to finish
Validated for bionic. Held up SRU verification while awaiting an upload
acceptance into xenial-proposed due to autopkgtest failures on xenial
which pre-existed this SRU.
I can perform up xenial testing once v. 3.168.13 is accepted for testing in
-proposed
Removed from focal-proposed
** Changed in: update-notifier (Ubuntu Focal)
Status: Fix Committed => Triaged
** Tags removed: verification-needed verification-needed-focal
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
Hello Chad, or anyone else affected,
Accepted update-notifier into xenial-proposed. The package will build
now and be available at https://launchpad.net/ubuntu/+source/update-
notifier/3.168.12 in a few hours, and then in the -proposed repository.
Please help us by testing this new package. See
Hello Chad, or anyone else affected,
Accepted update-notifier into bionic-proposed. The package will build
now and be available at https://launchpad.net/ubuntu/+source/update-
notifier/3.192.1.9 in a few hours, and then in the -proposed repository.
Please help us by testing this new package.
Hello Chad, or anyone else affected,
Accepted update-notifier into focal-proposed. The package will build now
and be available at https://launchpad.net/ubuntu/+source/update-
notifier/3.192.30.2 in a few hours, and then in the -proposed
repository.
Please help us by testing this new package.
Marking this bug as verification failed because both Xenial and Bionic
introduced autopkgtest failures due to a new pep8 linting test that was
included.
Decided to reject Focal as well even though verification tests passed
because we have an APT URL fix that still needs to SRU into Focal and we
** Tags removed: verification-done-focal verification-needed
verification-needed-bionic verification-needed-xenial
** Tags added: verification-failed verification-failed-bionic
verification-failed-focal verification-failed-xenial
--
You received this bug notification because you are a member
--- BEGIN focal update-notifier testing
--- Launch cloud-init with ppa:ua-client/proposed enabled
Creating test-sru-focal
Starting test-sru-focal
--- Wait for cloud-init to finish
** Merge proposal linked:
https://code.launchpad.net/~chad.smith/ubuntu/+source/update-notifier/+git/update-notifier/+merge/392487
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1881632
Title:
Hello Chad, or anyone else affected,
Accepted update-notifier into bionic-proposed. The package will build
now and be available at https://launchpad.net/ubuntu/+source/update-
notifier/3.192.1.8 in a few hours, and then in the -proposed repository.
Please help us by testing this new package.
Hello Chad, or anyone else affected,
Accepted update-notifier into xenial-proposed. The package will build
now and be available at https://launchpad.net/ubuntu/+source/update-
notifier/3.168.11 in a few hours, and then in the -proposed repository.
Please help us by testing this new package. See
Thanks again Łukasz,
I've updated the test script on this bug. We have a ppa:ua-client/proposed
which does support trusty, xenial, bionic and focal which will allow us to
exercise this changeset.
** Description changed:
[Impact]
ESM-related Security pocket packages are not reported being
Already asked on IRC, but re-asking here for documentation purposes: how
would it be tested for all the non-trusty series? Since the test case
mentions using a trusty lxd to perform the tests. Is it possible to
perform the same testing steps on xenial, bionic or focal (since we
don't have ESM for
This is available in trusty esm now:
Version table:
0.154.1ubuntu9 0
500 https://esm.ubuntu.com/ubuntu/ trusty-infra-security/main amd64
Packages
Closing bug.
** Changed in: update-notifier (Ubuntu Trusty)
Status: In Progress => Fix Released
--
You received this bug
I uploaded the fixed package to the SRU queue.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1881632
Title:
esm security updates not reported by apt update-notifier
To manage notifications about
** Description changed:
[Impact]
ESM-related Security pocket packages are not reported being classified as
security due to a rename in the backend apt suites from esm-security ->
esm-infra-security and esm-apps-security.
[Test Case]
* Launch a trusty lxd. For example:
lxc launch
** Description changed:
[Impact]
ESM-related Security pocket packages are not reported being classified as
security due to a rename in the backend apt suites from esm-security ->
esm-infra-security and esm-apps-security.
[Test Case]
* Launch a trusty lxd. For example:
lxc launch
By checking an update against ESM_ORIGINS, the current patch is
aggregating esm security updates for both infra and apps, but the output
summary at the end is explicit about infra:
"""
3 of these updates are provided through UA Infrastructure ESM.
"""
We should either count them separately, and
** Also affects: update-notifier (Ubuntu Trusty)
Importance: Undecided
Status: New
** Changed in: update-notifier (Ubuntu Trusty)
Status: New => In Progress
** Changed in: update-notifier (Ubuntu Trusty)
Assignee: (unassigned) => Andreas Hasenack (ahasenack)
--
You
** Description changed:
- [Impact]
+ [Impact]
ESM-related Security pocket packages are not reported being classified as
security due to a rename in the backend apt suites from esm-security ->
esm-infra-security and esm-apps-security.
-
[Test Case]
* Launch a trusty lxd. For example:
** Description changed:
+ [Impact]
+ ESM-related Security pocket packages are not reported being classified as
security due to a rename in the backend apt suites from esm-security ->
esm-infra-security and esm-apps-security.
+
+
+ [Test Case]
+ * Launch a trusty lxd. For example:
+ lxc
This bug was fixed in the package update-notifier - 3.192.32
---
update-notifier (3.192.32) groovy; urgency=medium
[ Chad Smith ]
* data/apt_check.py: Update ESM security pockets names (LP: #1881632)
- the UbuntuESM pocket was renamed from -security to
-infra-security
** Changed in: update-notifier (Ubuntu)
Assignee: (unassigned) => Andreas Hasenack (ahasenack)
** Changed in: update-notifier (Ubuntu)
Status: Confirmed => In Progress
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
There are other ESM changes done to the trusty package which have never
been SRUed to the later ubuntu releases :/
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1881632
Title:
esm security updates
** Merge proposal linked:
https://code.launchpad.net/~ahasenack/ubuntu/+source/update-notifier/+git/update-notifier/+merge/385425
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1881632
Title:
Note that this bit needs to be ESM_ORIGINS, not esm_origins:
@@ -58,7 +61,7 @@ def isSecurityUpgrade(ver):
def isESMUpgrade(ver):
" check if the given version is a security update (or masks one) "
for (file, index) in ver.file_list:
-if file.origin == "UbuntuESM" and
yes, needs sponsoring.
And actually, it looks like there have also been a few other updates to
update-notifier that went to -updates for trusty even after standard
support ended. They appear to have been similarly dealing with how it
reports ESM updates. Perhaps I was wrong in my previous comment
Patch looks good to me, does it need sponsoring?
We released other ESM enablement fixes via -updates, so this probably
does not need pushing via security.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
yes, all the way back to trusty.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1881632
Title:
esm security updates not reported by apt update-notifier
To manage notifications about this bug go to:
I can upload the fix to trusty ESM. Should the other releases go to the
-security or the -updates pocket?
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1881632
Title:
esm security updates not
I guess this needs to go all the way back to trusty, right?
** Tags added: rls-gg-incoming
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1881632
Title:
esm security updates not reported by apt
Status changed to 'Confirmed' because the bug affects multiple users.
** Changed in: update-notifier (Ubuntu)
Status: New => Confirmed
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1881632
** Tags added: patch
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1881632
Title:
esm security updates not reported by apt update-notifier
To manage notifications about this bug go to:
** Information type changed from Private Security to Public Security
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1881632
Title:
esm security updates not reported by apt update-notifier
To manage
Patch suggestion to ensure both ESM Apps and ESM Infra security pockets
are properly classified as security type updates
ESM infra pocket: esm-infra-security
ESM apps pocket: esm-apps-security
** Patch added: "apt-update-notifier-esm-security-pockets.patch"
43 matches
Mail list logo