Firefox security updates delayed on Ubuntu 21.10/22.04 by 2 weeks
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| snapd |
New
|
Undecided
|
Unassigned | ||
Bug Description
On home user machines running Ubuntu the Firefox snap security updates are being delayed by 2 weeks due to the way snap updates currently work (after sig). This is not acceptable security-wise.
The alternative is not acceptable from the user-experience point of view. Ask Ubuntu recommends manually killing firefox and running snap refresh from in order to get what is (generally) the latest point release: https:/
The experience in 20.04 (where the Firefox snap would crash upon the background snap update) is preferable to the current status from the security point of view.
Best Regards,
Ciprian Enache
How snap updates work:
1. If Firefox is running the user is notified that "Pending update of "firefox" snap. Close the app to avoid disruptions. (13 days left)"
2. If the user closes Firefox and reopens it 5-10 minutes later, or even 1-2 hours later, the Firefox snap will not be updated since the snap updates only happen at 2-4 times per day at specific times.
| summary: |
- Firefox security updates delayed on Ubuntu 21.10/22.04 by at least 2 - weeks + Firefox security updates delayed on Ubuntu 21.10/22.04 by 2 weeks |
| description: | updated |
| information type: | Private Security → Public Security |
| Miguel Pires (miguelpires1) wrote | #1 |
Hi, thanks for opening a bug report. There is ongoing work to ensure that, after the user is notified, the snap is refreshed once the user closes it (https:/