[Bug 1881632] Re: esm security updates not reported by apt update-notifier

Chad Smith 1881632 at bugs.launchpad.net
Mon Jun 1 18:26:51 UTC 2020 

** Information type changed from Private Security to Public Security

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to update-notifier in Ubuntu.
https://bugs.launchpad.net/bugs/1881632

Title:
  esm security updates not reported by apt update-notifier

Status in update-notifier package in Ubuntu:
  New

Bug description:
  ESM-related Security pocket packages are not reported being classified
  as security due to a rename in the backend apt suites from esm-
  security -> esm-infra-security and esm-apps-security.

  
  The customer issue reported catches the symptom well:

  
  """
  	
  I believe there's a problem with "apt_check.py" in the "update-notifier-common" package when using "ua". I have enabled "ua" via "ua attach" and yet "apt-check" shows updates, but does not specify they are security updates, even though they are:
  mrussell at deputy:~$ /usr/lib/update-notifier/apt-check --human-readable
  UA Infrastructure Extended Security Maintenance (ESM) is enabled.

  8 updates can be installed immediately.
  8 of these updates are provided through UA Infrastructure ESM.
  0 of these updates are security updates.
  To see these additional updates run: apt list --upgradable

  Note, these are the packages:
  mrussell at deputy:~$ apt list --upgradable
  Listing... Done
  apt/trusty-infra-security 1.0.1ubuntu2.24+esm1 amd64 [upgradable
  from: 1.0.1ubuntu2.24]
  apt-transport-https/trusty-infra-security 1.0.1ubuntu2.24+esm1 amd64 [upgradable from: 1.0.1ubuntu2.24]
  apt-utils/trusty-infra-security 1.0.1ubuntu2.24+esm1 amd64 [upgradable from: 1.0.1ubuntu2.24]
  libapt-inst1.5/trusty-infra-security 1.0.1ubuntu2.24+esm1 amd64 [upgradable from: 1.0.1ubuntu2.24]
  libapt-pkg4.12/trusty-infra-security 1.0.1ubuntu2.24+esm1 amd64 [upgradable from: 1.0.1ubuntu2.24]
  libjson-c2/trusty-infra-security 0.11-3ubuntu1.2+esm3 amd64 [upgradable from: 0.11-3ubuntu1.2+esm2]
  libjson0/trusty-infra-security 0.11-3ubuntu1.2+esm3 amd64 [upgradable from: 0.11-3ubuntu1.2+esm2]

  If I change "isSecurityUpgrade()" to also include this
  value in "security_pockets": ("UbuntuESM", "%s-infra-security" % DISTRO),
  then, the output is correct:
  mrussell at deputy:~$ /usr/lib/update-notifier/apt-check --human-readable
  UA Infrastructure Extended Security Maintenance (ESM) is enabled.

  8 updates can be installed immediately.
  8 of these updates are provided through UA Infrastructure ESM.
  8 of these updates are security updates.
  To see these additional updates run: apt list --upgradable
  """

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/update-notifier/+bug/1881632/+subscriptions

More information about the foundations-bugs mailing list