update-manager indicates that updates are security updates even if they're not
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
update-manager (Ubuntu) |
Invalid
|
Undecided
|
Unassigned |
Bug Description
Binary package hint: update-manager
Even if the only updates available are non-security updates, package-manager makes it visually look like the updates are in fact security updates.
In the attached screenshot, you can see where at the top of the updatatable package list, there's a message "Important security updates". The first five packages are: cupsys, cupsys-bsd, cupsys-client, cupsys-common, and ghostscript.
Here's the 'apt-cache policy' listings for those packages:
levander@louis:~$ apt-cache policy cupsys
cupsys:
Installed: 1.3.2-1ubuntu7
Candidate: 1.3.2-1ubuntu7.5
Version table:
1.
500 http://
1.
500 http://
*** 1.3.2-1ubuntu7 0
500 http://
100 /var/lib/
levander@louis:~$ apt-cache policy cupsys-bsd
cupsys-bsd:
Installed: 1.3.2-1ubuntu7
Candidate: 1.3.2-1ubuntu7.5
Version table:
1.
500 http://
1.
500 http://
*** 1.3.2-1ubuntu7 0
500 http://
100 /var/lib/
levander@louis:~$ apt-cache policy cupsys-client
cupsys-client:
Installed: 1.3.2-1ubuntu7
Candidate: 1.3.2-1ubuntu7.5
Version table:
1.
500 http://
1.
500 http://
*** 1.3.2-1ubuntu7 0
500 http://
100 /var/lib/
levander@louis:~$ apt-cache policy cupsys-common
cupsys-common:
Installed: 1.3.2-1ubuntu7
Candidate: 1.3.2-1ubuntu7.5
Version table:
1.
500 http://
1.
500 http://
*** 1.3.2-1ubuntu7 0
500 http://
100 /var/lib/
levander@louis:~$ apt-cache policy ghostscript
ghostscript:
Installed: 8.61.dfsg.
Candidate: 8.61.dfsg.
Version table:
8.
500 http://
8.
500 http://
*** 8.61.dfsg.
500 http://
100 /var/lib/
You can see that none of these updates are coming from the security archives.
I created this situation by doing a clean install of Gutsy, then going to the "Software Sources" dialog and selecting to auto-install security updates. The next day, many updates were auto-installed, the updates still list in update-manager are the ones that weren't updated.
Note that it's not that update-manager installs these non-security updates when you've selected to auto-install security updates, update-manager does not do this. But from the GUI, it just looks like those updates are security updates.
So, I installed the updates and now there's one new update available. It's a non-security update and the "Important security updates" message is gone. It now says "Recommended Updates".
I'm guessing this bug only occurs on new systems where you haven't installed any certain type of packages yet. The 2nd to last paragraph in the original post states how I created the error.
Screenshot of new situation attached.