APT doc and manpage uses wrong ubuntu-codename

Bug #1812696 reported by Eric Desrochers on 2019-01-21
12
This bug affects 1 person
Affects Status Importance Assigned to Milestone
apt (Ubuntu)
Wishlist
Julian Andres Klode
Xenial
Wishlist
Julian Andres Klode
Bionic
Wishlist
Julian Andres Klode
Cosmic
Wishlist
Julian Andres Klode
Disco
Wishlist
Julian Andres Klode

Bug Description

[Impact]

APT documentation/example/manpages isn't referencing the current release
which could be misleading for certain users.

---
APT src code:
---
[GOOD ubuntu-codename]

* trusty:
apt-1.0.1ubuntu2.18/doc/apt-verbatim.ent:<!ENTITY ubuntu-codename "trusty">

[WRONG ubuntu-codename]

* xenial:
apt-1.2.29/doc/apt-verbatim.ent:<!ENTITY ubuntu-codename "trusty">

* bionic:
apt-1.6.7/doc/apt-verbatim.ent:<!ENTITY ubuntu-codename "xenial">

* disco:
apt-1.8.0~alpha3/doc/apt-verbatim.ent:<!ENTITY ubuntu-codename "xenial">
---

* vendor/ubuntu/sources.list.in
---
# See sources.list(5) manpage for more information
# Remember that CD-ROMs, DVDs and such are managed through the apt-cdrom tool.
deb http://us.archive.ubuntu.com/ubuntu &ubuntu-codename; main restricted
deb-src http://us.archive.ubuntu.com/ubuntu &ubuntu-codename; main restricted

deb http://security.ubuntu.com/ubuntu &ubuntu-codename;-security main restricted
deb-src http://security.ubuntu.com/ubuntu &ubuntu-codename;-security main restricted

deb http://us.archive.ubuntu.com/ubuntu &ubuntu-codename;-updates main restricted
deb-src http://us.archive.ubuntu.com/ubuntu &ubuntu-codename;-updates main restricted
---

The ubuntu-codename variable for Xenial and late in APT points to 'trusty or 'xenial' which generate the doc example & manpage with the wrong release instead of the actual ubuntu-codename.

APT in Xenial point to 'trusty'.
APT in Bionic and late to 'xenial'

It also affect the man page:

Example took from Bionic:
http://manpages.ubuntu.com/manpages/bionic/man5/sources.list.5.html
http://manpages.ubuntu.com/manpages/bionic/man5/apt_preferences.5.html

[Test Case]

With Xenial and late:

 * Look sources.list(5) manpage
Ex:
http://manpages.ubuntu.com/manpages/bionic/man5/sources.list.5.html

 * Look apt_preferences(5) manpage
Ex: http://manpages.ubuntu.com/manpages/bionic/man5/apt_preferences.5.html

 * Look /usr/share/doc/apt/examples/sources.list

$ lsb_release -cs
bionic

$ cat /usr/share/doc/apt/examples/sources.list
----------------
# See sources.list(5) manpage for more information
# Remember that CD-ROMs, DVDs and such are managed through the apt-cdrom tool.
deb http://us.archive.ubuntu.com/ubuntu xenial main restricted
deb-src http://us.archive.ubuntu.com/ubuntu xenial main restricted

deb http://security.ubuntu.com/ubuntu xenial-security main restricted
deb-src http://security.ubuntu.com/ubuntu xenial-security main restricted

deb http://us.archive.ubuntu.com/ubuntu xenial-updates main restricted
deb-src http://us.archive.ubuntu.com/ubuntu xenial-updates main restricted
----------------------

You'll notice they all point to the wrong release.

While we understand it's not a "bug' and only a reference/example...
I think it's for the best interest of all if the examples/manpage reference the current release.

[Regression Potential]

 * None, it only affect documentation/examples and manpages. No behavior change in the APT code.

[Other Info]

[Original Description]
From APT src code :

---
[GOOD ubuntu-codename]
* trusty:
apt-1.0.1ubuntu2.18/doc/apt-verbatim.ent:<!ENTITY ubuntu-codename "trusty">

[WRONG ubuntu-codename]
* xenial:
apt-1.2.29/doc/apt-verbatim.ent:<!ENTITY ubuntu-codename "trusty">

* bionic:
apt-1.6.7/doc/apt-verbatim.ent:<!ENTITY ubuntu-codename "xenial">

* disco:
apt-1.8.0~alpha3/doc/apt-verbatim.ent:<!ENTITY ubuntu-codename "xenial">
---

* vendor/ubuntu/sources.list.in
---
# See sources.list(5) manpage for more information
# Remember that CD-ROMs, DVDs and such are managed through the apt-cdrom tool.
deb http://us.archive.ubuntu.com/ubuntu &ubuntu-codename; main restricted
deb-src http://us.archive.ubuntu.com/ubuntu &ubuntu-codename; main restricted

deb http://security.ubuntu.com/ubuntu &ubuntu-codename;-security main restricted
deb-src http://security.ubuntu.com/ubuntu &ubuntu-codename;-security main restricted

deb http://us.archive.ubuntu.com/ubuntu &ubuntu-codename;-updates main restricted
deb-src http://us.archive.ubuntu.com/ubuntu &ubuntu-codename;-updates main restricted
---

The ubuntu-codename variable for Bionic and late in APT points to Xenial which generate the doc example with Xenial instead of the actual codename.

* ./doc/sources.list.5.xml
---
<!ENTITY % aptverbatiment SYSTEM "apt-verbatim.ent"> %aptverbatiment;
---

It also seems to affect the man page by mentionning 'xenial'.
Example took from Bionic:
http://manpages.ubuntu.com/manpages/bionic/man5/sources.list.5.html
http://manpages.ubuntu.com/manpages/bionic/man5/apt_preferences.5.html

CVE References

Eric Desrochers (slashd) on 2019-01-21
Changed in apt (Ubuntu Trusty):
importance: Undecided → Wishlist
Changed in apt (Ubuntu Xenial):
importance: Undecided → Wishlist
Changed in apt (Ubuntu Bionic):
importance: Undecided → Wishlist
Changed in apt (Ubuntu Cosmic):
importance: Undecided → Wishlist
Changed in apt (Ubuntu Disco):
importance: Undecided → Wishlist
Eric Desrochers (slashd) wrote :

juliank will include the ubuntu-codename variable change in his next SRU later this week.

Thanks Juliank !

tags: added: sts
Changed in apt (Ubuntu Trusty):
status: New → Invalid
description: updated
Eric Desrochers (slashd) on 2019-01-21
description: updated
description: updated
Eric Desrochers (slashd) on 2019-01-21
description: updated
description: updated
description: updated
description: updated
Eric Desrochers (slashd) on 2019-01-21
Changed in apt (Ubuntu Disco):
assignee: nobody → Julian Andres Klode (juliank)
Eric Desrochers (slashd) on 2019-01-21
description: updated
Eric Desrochers (slashd) on 2019-01-21
Changed in apt (Ubuntu Disco):
status: New → In Progress
Eric Desrochers (slashd) on 2019-01-21
Changed in apt (Ubuntu Cosmic):
assignee: nobody → Julian Andres Klode (juliank)
Changed in apt (Ubuntu Bionic):
assignee: nobody → Julian Andres Klode (juliank)
Changed in apt (Ubuntu Xenial):
assignee: nobody → Julian Andres Klode (juliank)
Changed in apt (Ubuntu Bionic):
status: New → In Progress
Changed in apt (Ubuntu Cosmic):
status: New → In Progress
Changed in apt (Ubuntu Xenial):
status: New → In Progress
Eric Desrochers (slashd) on 2019-01-21
description: updated
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package apt - 1.8.0~beta1

---------------
apt (1.8.0~beta1) unstable; urgency=medium

  [ anatoly techtonik ]
  * README.md: Document that apt is also included
  * apt.cc: Add "apt info" alias for muscle memory

  [ Jean-Pierre Giraud ]
  * French manpages translation update (Closes: #915952)

  [ Frans Spiesschaert ]
  * Dutch manpages translation update (Closes: #916358)

  [ Julian Andres Klode ]
  * cache hash: Use sse4.2 CRC32c on x86-64 where available
  * configuration: Compare size first during lookup
  * debListParser: Avoid native arch lookup in ParseDepends
  * hash32: Tighten to multiversion to x86-64 ELF and use uint32_t
  * apt-mark: Introduce minimize-manual
  * doc/apt-verbatim.ent: Point ubuntu-codename to disco (LP: #1812696)
  * CI: Use debian:buster as test base image
  * doc/apt-verbatim.ent: Debian buster is stable
  * SECURITY UPDATE: content injection in http method (CVE-2019-3462)
    (LP: #1812353)
  * debian/control: Drop libcurl4-gnutls-dev build dependency

  [ Mo Zhou ]
  * zh_CN.po: Update Simplified Chinese programs translation.

  [ Khem Raj ]
  * Remove `register` keyword

  [ Vasya Novikov ]
  * bash completion: add keys

  [ David Kalnischkies ]
  * Communicate back which key(s) were used for signing

 -- Julian Andres Klode <email address hidden> Wed, 23 Jan 2019 16:49:34 +0100

Changed in apt (Ubuntu Disco):
status: In Progress → Fix Released
Julian Andres Klode (juliank) wrote :

Fixes for other releases are queued up in git for the next SRUs (which include some more substantial changes)

Hello Eric, or anyone else affected,

Accepted apt into cosmic-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/apt/1.7.3 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested and change the tag from verification-needed-cosmic to verification-done-cosmic. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-cosmic. In either case, without details of your testing we will not be able to proceed.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance for helping!

N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days.

Changed in apt (Ubuntu Cosmic):
status: In Progress → Fix Committed
tags: added: verification-needed verification-needed-cosmic
Changed in apt (Ubuntu Bionic):
status: In Progress → Fix Committed
tags: added: verification-needed-bionic
Brian Murray (brian-murray) wrote :

Hello Eric, or anyone else affected,

Accepted apt into bionic-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/apt/1.6.9 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested and change the tag from verification-needed-bionic to verification-done-bionic. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-bionic. In either case, without details of your testing we will not be able to proceed.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance for helping!

N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days.

Brian Murray (brian-murray) wrote :

Hello Eric, or anyone else affected,

Accepted apt into xenial-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/apt/1.2.30 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested and change the tag from verification-needed-xenial to verification-done-xenial. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-xenial. In either case, without details of your testing we will not be able to proceed.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance for helping!

N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days.

Changed in apt (Ubuntu Xenial):
status: In Progress → Fix Committed
tags: added: verification-needed-xenial
Julian Andres Klode (juliank) wrote :

Verfied cosmic 1.7.3:

# man sources.list apt_preferences | grep cosmic
           deb http://us.archive.ubuntu.com/ubuntu cosmic main restricted
           deb http://security.ubuntu.com/ubuntu cosmic-security main restricted
           deb http://us.archive.ubuntu.com/ubuntu cosmic-updates main restricted
           Suites: cosmic cosmic-updates
           Suites: cosmic-security
       priority 990 to all packages from a release starting with cosmic.
           Pin: release n=cosmic*
root@test1:~# grep cosmic /usr/share/doc/apt/examples/sources.list
deb http://us.archive.ubuntu.com/ubuntu cosmic main restricted
deb-src http://us.archive.ubuntu.com/ubuntu cosmic main restricted
deb http://security.ubuntu.com/ubuntu cosmic-security main restricted
deb-src http://security.ubuntu.com/ubuntu cosmic-security main restricted
deb http://us.archive.ubuntu.com/ubuntu cosmic-updates main restricted
deb-src http://us.archive.ubuntu.com/ubuntu cosmic-updates main restricted

Julian Andres Klode (juliank) wrote :

bionic 1.6.9 verified:

# man sources.list apt_preferences | grep bionic; grep -H bionic /usr/share/doc/apt/examples/sources.list
           deb http://us.archive.ubuntu.com/ubuntu bionic main restricted
           deb http://security.ubuntu.com/ubuntu bionic-security main restricted
           deb http://us.archive.ubuntu.com/ubuntu bionic-updates main restricted
           Suites: bionic bionic-updates
           Suites: bionic-security
       priority 990 to all packages from a release starting with bionic.
           Pin: release n=bionic*
/usr/share/doc/apt/examples/sources.list:deb http://us.archive.ubuntu.com/ubuntu bionic main restricted
/usr/share/doc/apt/examples/sources.list:deb-src http://us.archive.ubuntu.com/ubuntu bionic main restricted
/usr/share/doc/apt/examples/sources.list:deb http://security.ubuntu.com/ubuntu bionic-security main restricted
/usr/share/doc/apt/examples/sources.list:deb-src http://security.ubuntu.com/ubuntu bionic-security main restricted
/usr/share/doc/apt/examples/sources.list:deb http://us.archive.ubuntu.com/ubuntu bionic-updates main restricted
/usr/share/doc/apt/examples/sources.list:deb-src http://us.archive.ubuntu.com/ubuntu bionic-updates main restricted

Julian Andres Klode (juliank) wrote :

xenial 1.2.30 verified:

           deb http://us.archive.ubuntu.com/ubuntu xenial main restricted
           deb http://security.ubuntu.com/ubuntu xenial-security main restricted
           deb http://us.archive.ubuntu.com/ubuntu xenial-updates main restricted
           Suites: xenial xenial-updates
           Suites: xenial-security
       priority 990 to all packages from a release starting with xenial.
           Pin: release n=xenial*
/usr/share/doc/apt/examples/sources.list:deb http://us.archive.ubuntu.com/ubuntu xenial main restricted
/usr/share/doc/apt/examples/sources.list:deb-src http://us.archive.ubuntu.com/ubuntu xenial main restricted
/usr/share/doc/apt/examples/sources.list:deb http://security.ubuntu.com/ubuntu xenial-security main restricted
/usr/share/doc/apt/examples/sources.list:deb-src http://security.ubuntu.com/ubuntu xenial-security main restricted
/usr/share/doc/apt/examples/sources.list:deb http://us.archive.ubuntu.com/ubuntu xenial-updates main restricted
/usr/share/doc/apt/examples/sources.list:deb-src http://us.archive.ubuntu.com/ubuntu xenial-updates main restricted

tags: added: verification-done verification-done-bionic verification-done-cosmic verification-done-xenial
removed: verification-needed verification-needed-bionic verification-needed-cosmic verification-needed-xenial
Łukasz Zemczak (sil2100) wrote :

Hello Eric, or anyone else affected,

Accepted apt into cosmic-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/apt/1.7.4 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested and change the tag from verification-needed-cosmic to verification-done-cosmic. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-cosmic. In either case, without details of your testing we will not be able to proceed.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance for helping!

N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days.

tags: added: verification-needed verification-needed-cosmic
removed: verification-done verification-done-cosmic
tags: added: verification-needed-bionic
removed: verification-done-bionic
Łukasz Zemczak (sil2100) wrote :

Hello Eric, or anyone else affected,

Accepted apt into bionic-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/apt/1.6.10 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested and change the tag from verification-needed-bionic to verification-done-bionic. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-bionic. In either case, without details of your testing we will not be able to proceed.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance for helping!

N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days.

tags: added: verification-needed-xenial
removed: verification-done-xenial
Łukasz Zemczak (sil2100) wrote :

Hello Eric, or anyone else affected,

Accepted apt into xenial-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/apt/1.2.31 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested and change the tag from verification-needed-xenial to verification-done-xenial. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-xenial. In either case, without details of your testing we will not be able to proceed.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance for helping!

N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days.

João Pedro Seara (jpseara) wrote :

Package: apt-1.6.10
Series: Bionic
OS: Ubuntu 18.04.1 LTS

Bug fix verified with success.

Package: apt-1.2.31
Series: Xenial
OS: Ubuntu 16.04.5 LTS

Bug fix verified with success.

tags: added: verification-done-bionic verification-done-xenial
removed: verification-needed-bionic verification-needed-xenial
Julian Andres Klode (juliank) wrote :

Cosmic remains fixed as well.

tags: added: verification-done verification-done-cosmic
removed: verification-needed verification-needed-cosmic
Julian Andres Klode (juliank) wrote :

(cosmic being 1.7.4)

no longer affects: apt (Ubuntu Trusty)

The verification of the Stable Release Update for apt has completed successfully and the package has now been released to -updates. Subsequently, the Ubuntu Stable Release Updates Team is being unsubscribed and will not receive messages about this bug report. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regressions.

Launchpad Janitor (janitor) wrote :

This bug was fixed in the package apt - 1.7.4

---------------
apt (1.7.4) cosmic; urgency=medium

  * Fix name of APT::Update::Post-Invoke-Stats (was ...Update-Post...)
  * CMake: Install auth.conf.d directory (LP: #1818996)
  * Merge translations from 1.8.0

apt (1.7.3) cosmic; urgency=medium

  [ Michael Vogt ]
  * private-json-hooks.cc: deal with EPIPE (LP: #1814543)

  [ Julian Andres Klode ]
  * Introduce experimental 'never' pinning for sources (LP: #1814727)
  * Add a Packages-Require-Authorization Release file field (LP: #1814727)
  * doc: Set ubuntu-codename to cosmic (LP: #1812696)
  * update: Provide APT::Update-Post-Invoke-Stats script hook point
    (LP: #1815760)
  * Introduce APT::Install::Pre-Invoke / Post-Invoke-Success (LP: #1815761)

 -- Julian Andres Klode <email address hidden> Mon, 11 Mar 2019 10:31:46 +0100

Changed in apt (Ubuntu Cosmic):
status: Fix Committed → Fix Released
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package apt - 1.6.10

---------------
apt (1.6.10) bionic; urgency=medium

  * Fix name of APT::Update::Post-Invoke-Stats (was ...Update-Post...)
  * CMake: Install auth.conf.d directory (LP: #1818996)
  * Merge translations from 1.7.4

apt (1.6.9) bionic; urgency=medium

  [ Michael Vogt ]
  * private-json-hooks.cc: deal with EPIPE (LP: #1814543)

  [ Julian Andres Klode ]
  * Introduce experimental 'never' pinning for sources (LP: #1814727)
  * Add a Packages-Require-Authorization Release file field (LP: #1814727)
  * doc: Set ubuntu-codename to bionic (LP: #1812696)
  * update: Provide APT::Update-Post-Invoke-Stats script hook point
    (LP: #1815760)
  * Introduce APT::Install::Pre-Invoke / Post-Invoke-Success (LP: #1815761)

 -- Julian Andres Klode <email address hidden> Mon, 11 Mar 2019 10:34:07 +0100

Changed in apt (Ubuntu Bionic):
status: Fix Committed → Fix Released
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package apt - 1.2.31

---------------
apt (1.2.31) xenial; urgency=medium

  * Fix name of APT::Update::Post-Invoke-Stats (was ...Update-Post...)
  * apt.dirs: Install auth.conf.d directory (LP: #1818996)
  * Merge translations from 1.6.10 (via 1.4.y branch)

apt (1.2.30) xenial; urgency=medium

  * merge security upload for content injection in http method (CVE-2019-3462);
    with fixed autopkgtest (LP: #1815750)
  * Introduce experimental 'never' pinning for sources (LP: #1814727)
  * Add support for /etc/apt/auth.conf.d/*.conf (netrcparts) (LP: #1811120)
  * Add a Packages-Require-Authorization Release file field (LP: #1814727)
  * NeverAutoRemove kernel meta packages (LP: #1787460)
  * doc: Set ubuntu-codename to xenial (LP: #1812696)
  * update: Provide APT::Update-Post-Invoke-Stats script hook point
    (LP: #1815760)
  * Introduce APT::Install::Pre-Invoke / Post-Invoke-Success (LP: #1815761)

 -- Julian Andres Klode <email address hidden> Tue, 12 Mar 2019 14:59:01 +0100

Changed in apt (Ubuntu Xenial):
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers