[Bug 1624641] Re: security updates with a new dependency don't get installed

Brian Murray brian at ubuntu.com
Mon Nov 14 19:54:38 UTC 2016 

After this operation, 0 B of additional disk space will be used.
Get:1 http://192.168.10.7/ubuntu yakkety-proposed/main amd64 unattended-upgrades all 0.92ubuntu1.1 [33.4 kB]
Fetched 33.4 kB in 0s (582 kB/s)               
The system does not support apt-btrfs-snapshot
Preconfiguring packages ...
(Reading database ... 297966 files and directories currently installed.)
Preparing to unpack .../unattended-upgrades_0.92ubuntu1.1_all.deb ...
Unpacking unattended-upgrades (0.92ubuntu1.1) over (0.92ubuntu1) ...
Processing triggers for ureadahead (0.100.0-19) ...
Processing triggers for systemd (231-9ubuntu1) ...
Setting up unattended-upgrades (0.92ubuntu1.1) ...
Replacing config file /etc/apt/apt.conf.d/50unattended-upgrades with new version
update-rc.d: warning: start and stop actions are no longer supported; falling back to defaults
Processing triggers for man-db (2.7.5-1) ...
[ 11:53AM 5736 ]  [ bdmurray at speedy:~/Pictures/Nexus 5x ]
 $ head -n7 /etc/apt/apt.conf.d/50unattended-upgrades
// Automatically upgrade packages from these (origin:archive) pairs
Unattended-Upgrade::Allowed-Origins {
	"${distro_id}:${distro_codename}";
	"${distro_id}:${distro_codename}-security";
//	"${distro_id}:${distro_codename}-updates";
//	"${distro_id}:${distro_codename}-proposed";
//	"${distro_id}:${distro_codename}-backports";

verification done for xenial

** Tags removed: verification-needed
** Tags added: verification-done

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to unattended-upgrades in Ubuntu.
https://bugs.launchpad.net/bugs/1624641

Title:
  security updates with a new dependency don't get installed

Status in unattended-upgrades package in Ubuntu:
  Fix Released
Status in unattended-upgrades source package in Xenial:
  Fix Released
Status in unattended-upgrades source package in Yakkety:
  Fix Committed

Bug description:
  Test Case
  ---------
  1) Boot a xenial system w/o chromium browser and w/o libspeechd2 installed
  2) Install the release version of chromium browser e.g. "sudo apt-get install chromium-browser=49.0.2623.108-0ubuntu1.1233 chromium-browser-l10n=49.0.2623.108-0ubuntu1.1233 chromium-codecs-ffmpeg-extra=49.0.2623.108-0ubuntu1.1233"
  3) Run apt-get update if you didn't already
  4) Run "sudo /usr/bin/unattended-upgrades -v -d"
  5) Observe the following output "Checking: chromium-browser ([<Origin component:'universe' archive:'xenial-updates' origin:'Ubuntu' label:'Ubuntu' site:'192.168.10.7' isTrusted:True>, <Origin component:'universe' archive:'xenial-security' origin:'Ubuntu' label:'Ubuntu' site:'192.168.10.7' isTrusted:True>])
  pkg 'libspeechd2' not in allowed origin
  sanity check failed"

  With the version of unattended-upgrades from -proposed libspeechd2
  should be from an allowed origin and chromium-browser will get
  updated.

  Regression Potential
  --------------------
  This change modifies the behavior of unattended-upgrades such that new packages will be installed on a user's system and they may not except such behavior (e.g. why was libspeechd2 insalled?).  However, this seems better than not installing security updates and leaving people's systems vulnerable to attack.

  Original Description
  --------------------
  E.g. chromium-browser has an update, but U-U does not update it. I saw in update-manager that the security update is available before running U-U. Afterwards I can install the update by update-manager.

  ProblemType: BugDistroRelease: Ubuntu 16.04
  Package: unattended-upgrades 0.90
  ProcVersionSignature: Ubuntu 4.4.0-36.55-generic 4.4.16
  Uname: Linux 4.4.0-36-generic i686
  ApportVersion: 2.20.1-0ubuntu2.1
  Architecture: i386
  CurrentDesktop: XFCE
  Date: Sat Sep 17 11:13:40 2016
  InstallationDate: Installed on 2016-09-05 (11 days ago)
  InstallationMedia: Mythbuntu 16.04.1 LTS "Xenial Xerus" - Release i386 (20160719)
  PackageArchitecture: allSourcePackage: unattended-upgrades
  UpgradeStatus: No upgrade log present (probably fresh install)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/unattended-upgrades/+bug/1624641/+subscriptions

More information about the foundations-bugs mailing list