Outdated packages in "…contains outdated Ubuntu packages” emails
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| Snap Store Server |
New
|
Undecided
|
Unassigned | ||
Bug Description
I maintain a number of snaps and regularly receive messages about packages that have been updated in the Ubuntu Archive, typically because of a USN.
Since early August these messages have referred to store revisions that have been superseded.
https:/
Here's an example from 2022-09-13:
> A scan of this snap shows that it was built with packages from the Ubuntu
> archive that have since received security updates. The following lists new
> USNs for affected binary packages in each snap revision:
>
> Revision r108 (amd64; channels: edge)
> * libtiff5: 5523-2
>
> Revision r109 (arm64; channels: edge)
> * libtiff5: 5523-2
>
> Revision r110 (armhf; channels: edge)
> * libtiff5: 5523-2
>
> Simply rebuilding the snap will pull in the new security updates and
> resolve this. If your snap also contains vendored code, now might be a
> good time to review it for any needed updates.
>
> Thank you for your snap and for attending to this matter.
>
> References:
> * https:/
“Revision r108” was superseded on 20 July.
It would appear that the notification messages are being generated from outdated information about the snaps.
| description: | updated |
| Alan Griffiths (alan-griffiths) wrote | #1 |
This matters as it means I now have to check snap contents to see whether recent uploads include the updated binaries. Previously I simply checked the revision number had changed.