upgrade of openvswitch packages resets alternative binaries to auto

This is a somewhat tricky issue as the alternative removal is done in the prerm script of the currently installed package version; so we can fix it for future updates, but the act of fixing it will cause any -dpdk based installations to revert back to the non-dpdk version of the binary.

This bug was fixed in the package openvswitch - 2.12.0~git20190903.1cdf291dc-0ubuntu1

---------------
openvswitch (2.12.0~git20190903.1cdf291dc-0ubuntu1) eoan; urgency=medium

  * New upstream snapshot from 2.12 branch.
  * d/p/0001-acinclude-Also-use-LIBS-from-dpkg-pkg-config.patch: Drop,
    included upstream.
  * d/control: Bumped Standards-Version to 4.4.0.
  * d/control,rules: Drop Python 2 support.
  * d/rules: Disable testing of DPDK build on arm64 as builders don't
    have the required crc32 CPU feature.
  * d/control: Version BD for libdpdk-dev to ensure buid without overlinking.

 -- James Page <email address hidden> Fri, 06 Sep 2019 09:46:28 +0100

This broke several customer Bionic DPDK based clouds today.

Upgrading an install that exhibits this bug is a major trip-hazard, as the act of upgrading the package to the new version will call the broken prerm to execute, resulting in the -dpdk binary being disabled again.

To avoid this:

sudo sed -i "/update-alternatives/d" /var/lib/dpkg/info/openvswitch-switch-dpdk.prerm

before completing the package upgrade thus ensuring the -dpdk version of the binary never gets removed.

Hello James, or anyone else affected,

Accepted openvswitch into bionic-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/openvswitch/2.9.8-0ubuntu0.18.04.1 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, what testing has been performed on the package and change the tag from verification-needed-bionic to verification-done-bionic. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-bionic. In either case, without details of your testing we will not be able to proceed.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance for helping!

N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days.

Hello James, or anyone else affected,

Accepted openvswitch into stein-proposed. The package will build now and be available in the Ubuntu Cloud Archive in a few hours, and then in the -proposed repository.

Please help us by testing this new package. To enable the -proposed repository:

  sudo add-apt-repository cloud-archive:stein-proposed
  sudo apt-get update

Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-stein-needed to verification-stein-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-stein-failed. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

Hello James, or anyone else affected,

Accepted openvswitch into queens-proposed. The package will build now and be available in the Ubuntu Cloud Archive in a few hours, and then in the -proposed repository.

Please help us by testing this new package. To enable the -proposed repository:

  sudo add-apt-repository cloud-archive:queens-proposed
  sudo apt-get update

Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-queens-needed to verification-queens-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-queens-failed. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

Verified successfully

Note: I think the testcase has a typo for the SRU, where the first and second 'update-alternatives --query' should both have:

Value: /usr/lib/openvswitch-switch-dpdk/ovs-vswitchd-dpdk

This bug was fixed in the package openvswitch - 2.9.8-0ubuntu0.18.04.2

---------------
openvswitch (2.9.8-0ubuntu0.18.04.2) bionic-security; urgency=medium

  * SECURITY UPDATE: packet parsing vulnerability
    - debian/patches/CVE-2020-35498.patch: support extra padding length in
      lib/conntrack.c, lib/dp-packet.h, lib/flow.c, tests/classifier.at.
    - CVE-2020-35498

 -- Marc Deslauriers <email address hidden> Thu, 28 Jan 2021 14:49:10 -0500

The verification of the Stable Release Update for openvswitch has completed successfully and the package has now been released to -updates. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regressions.

This bug was fixed in the package openvswitch - 2.11.5-0ubuntu0.19.04.1~cloud0
---------------

 openvswitch (2.11.5-0ubuntu0.19.04.1~cloud0) bionic; urgency=medium
 .
   * d/openvswitch-switch{-dpdk}.prerm,postinst: Tidy with case statements,
     only remove alternatives when package is being removed (LP: #1836713).
   * New upstream point release (LP: #1912225) including security fixes for:
   * SECURITY UPDATE: buffer overflow decoding malformed packets in lldp
     - CVE-2015-8011
   * SECURITY UPDATE: Externally triggered memory leak in lldp
     - CVE-2020-27827

The verification of the Stable Release Update for openvswitch has completed successfully and the package has now been released to -updates. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regressions.

This bug was fixed in the package openvswitch - 2.9.8-0ubuntu0.18.04.1~cloud0
---------------

 openvswitch (2.9.8-0ubuntu0.18.04.1~cloud0) xenial-queens; urgency=medium
 .
   * New upstream release for the Ubuntu Cloud Archive.
 .
 openvswitch (2.9.8-0ubuntu0.18.04.1) bionic; urgency=medium
 .
   * d/openvswitch-switch{-dpdk}.prerm,postinst: Tidy case statements,
     only remove alternatives when package is being removed (LP: #1836713).
   * New upstream stable release (LP: #1912201):
     - debian/patches/CVE-2015-8011.patch,CVE-2020-27827.patch: Dropped,
       included in release.