[Bug 1878694] Re: ubuntu-security-status checks esm-infra for ESM Apps
Brian Murray
1878694 at bugs.launchpad.net
Wed May 20 22:17:12 UTC 2020
I believe I have a fix for this issue in the branch linked to from this
bug report. If you could test it out for me that would be helpful.
Thanks!
** Changed in: update-manager (Ubuntu)
Status: Triaged => In Progress
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to update-manager in Ubuntu.
https://bugs.launchpad.net/bugs/1878694
Title:
ubuntu-security-status checks esm-infra for ESM Apps
Status in update-manager package in Ubuntu:
In Progress
Bug description:
It looks like ubuntu-security-status assumes that ESM Apps is enabled
when only ESM Infra is enabled.
There is no problem with ESM Apps and ubuntu-security-status. It's
just that it looks like ESM Infra gives a false positive about
receiving the updates.
Reproducer with an Ubuntu 18.04 Pro instance on AWS:
ubuntu at ip-172-31-11-12:~$ ua status
SERVICE ENTITLED STATUS DESCRIPTION
cc-eal yes n/a Common Criteria EAL2 Provisioning Packages
cis-audit no — Center for Internet Security Audit Tools
esm-apps yes enabled UA Apps: Extended Security Maintenance
esm-infra yes enabled UA Infra: Extended Security Maintenance
fips yes disabled NIST-certified FIPS modules
fips-updates yes disabled Uncertified security updates to FIPS modules
livepatch yes enabled Canonical Livepatch service
[...]
ubuntu at ip-172-31-11-12:~$ sudo apt update
ubuntu at ip-172-31-11-12:~$ sudo apt install ansible
ubuntu at ip-172-31-11-12:~$ wget https://bit.ly/3cDGwLe -qO ubuntu-
security-status
ubuntu at ip-172-31-11-12:~$ python3 ubuntu-security-status
535 packages installed on Ubuntu 18.04 LTS, of which:
529 receive package updates with LTS until 4/2023
5 are receiving security updates with ESM Apps until 4/2028
1 package is no longer available for download
[...]
ubuntu at ip-172-31-11-12:~$ sudo ua disable esm-apps
Updating package lists
ubuntu at ip-172-31-11-12:~$ python3 ubuntu-security-status
535 packages installed on Ubuntu 18.04 LTS, of which:
529 receive package updates with LTS until 4/2023
5 are receiving security updates with ESM Apps until 4/2028
1 package is no longer available for download
[...]
ubuntu at ip-172-31-11-12:~$ sudo ua disable esm-infra
Updating package lists
ubuntu at ip-172-31-11-12:~$ python3 ubuntu-security-status
535 packages installed on Ubuntu 18.04 LTS, of which:
529 receive package updates with LTS until 4/2023
5 could receive security updates with ESM Apps until 4/2028
1 package is no longer available for download
Packages that are not available for download may be left over from a
previous release of Ubuntu, may have been installed directly from a
.deb file, or are from a source which has been disabled.
For more information on the packages, run 'ubuntu-security-status
--unavailable'.
Enable Extended Security Maintenance (ESM Apps) to get 5 security
updates (so far) and enable coverage of 5 packages.
Enable ESM Apps with: ua enable esm-apps
ubuntu at ip-172-31-11-12:~$ sudo ua enable esm-infra
One moment, checking your subscription first
Updating package lists
ESM Infra enabled
ubuntu at ip-172-31-11-12:~$ python3 ubuntu-security-status
535 packages installed on Ubuntu 18.04 LTS, of which:
529 receive package updates with LTS until 4/2023
5 are receiving security updates with ESM Apps until 4/2028
1 package is no longer available for download
[...]
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/update-manager/+bug/1878694/+subscriptions
More information about the foundations-bugs
mailing list