[Bug 1031680] Re: check_apt always report 0 critical updates

Robie Basak 1031680 at bugs.launchpad.net
Fri Jun 28 13:14:18 UTC 2013


I've reported this upstream, since I don't see that this bug will get
fixed any other way:
https://sourceforge.net/tracker/?func=detail&aid=3614595&group_id=29880&atid=397597

I'm dubious about calling this a security vulnerability. I can see your
logic, but this bug's root cause is the fundamental design of check_apt
(fragile apt-get simulation parsing) causing it to not work for security
purposes at all. I'd love to see this fixed, but it might be better to
just write an entirely separate plugin based on calling /usr/lib/update-
notifier/apt-check instead. In that case, it might be better to just say
that check_apt is unsuitable for detecting security updates on Ubuntu,
and what you really have is a wishlist bug for a different plugin that
*is* capable of it. Since /usr/lib/update-notifier/apt-check is machine
readable, such an alternative plugin could be about five lines of shell.
I have asked if such a contribution would be welcome in the upstream
bug.

Anyway, how to classify this bug isn't really going to change anything.
I have asked upstream for comments on a suitable fix. A working
interface to get the required information is available. We can follow
whatever they decide to do.

** Bug watch added: SourceForge.net Tracker #3614595
   http://sourceforge.net/support/tracker.php?aid=3614595

** Also affects: nagios-plugins via
   http://sourceforge.net/support/tracker.php?aid=3614595
   Importance: Unknown
       Status: Unknown

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is a bug assignee.
https://bugs.launchpad.net/bugs/1031680

Title:
  check_apt always report 0 critical updates

To manage notifications about this bug go to:
https://bugs.launchpad.net/nagios-plugins/+bug/1031680/+subscriptions



More information about the Ubuntu-server-bugs mailing list