Logging in by ssh - last line - is anything wrong?
David Fletcher
dave at thefletchers.net
Fri Jul 21 16:47:55 UTC 2023
On Fri, 2023-07-21 at 14:23 +0100, David Fletcher wrote:
> I've been taking a look there but can't find any bug report on
> this...
>
> I'll take a shot at it myself...
Response from Kian Parvin....
So the reason you're seeing the message when you login is because there
is a livepatch module inserted that is addressing some kernel
vulnerabilities, you can see the specific vulnerabilities addressed
with
`canonical-livepatch status --verbose`. Note that because patches are
cumulative you'll see vulnerabilities that were addressed years ago too
(these are already addressed by the base kernel).
Now the tricky part here is the messaging, normally a kernel release
doesn't immediately need livepatches and if you have unattended-
upgrades
setup and you reboot regularly, you'll always be on a recent release
that doesn't require livepatches and you wouldn't see the message. In
this case however it seems that there is a livepatch available for a
kernel release where there is no newer kernel to upgrade to, so you're
left with the confusing message that you should upgrade, even though
there is nothing to upgrade to (afaik).
I will bring this up internally to verify my assumptions and figure out
how we can clear up the messaging. Thanks for the report, and as a
note,
the messaging in this case is benign as you're on the latest kernel
already and Livepatch is being overly cautious by telling you to
update.
Hope that all made sense, open to any suggestions and clarifications
you
might have.
** Changed in: canonical-livepatch-client
Status: New => Triaged
** Changed in: canonical-livepatch-client
Importance: Undecided => Medium
More information about the ubuntu-users
mailing list