| 2019-02-05 12:01:28 |
Julian Andres Klode |
bug |
|
|
added bug |
| 2019-03-01 08:58:08 |
Julian Andres Klode |
description |
[Impact]
These are not driven from a direct user experience, but are related to other developments:
(1) unattended-upgrades could use the never pinning to disable repositories rather than switching candidates. That would simplify code quite a bit.
(2) Packages-Require-Authorization lets a repository declare that downloading packages from it requires authorization. This is useful both for private repositories, as it can prevent unattended-upgrades failures if you remove authorization info; and it also allows creating a new form of semi-private repository, where only pool/ requires authorization.
[Test case]
Tests are included in autopkgtests and cover the common scenarios.
https://salsa.debian.org/apt-team/apt/blob/master/test/integration/test-packages-require-authorization:
(1) Add repository with Packages-Require-Authorization and no auth.conf entry: pin -32768
(2) Add repository with Packages-Require-Authorization and a auth.conf entry: pin 500
(3) As (2), but a custom pin still applies
https://salsa.debian.org/apt-team/apt/blob/master/test/integration/test-policy-pinning#L365
(1) Test that Pin-Priority: never overrides both per-package pins and per-repository pins
(2) Test that Pin-Priority: never is only applied for per-repository (Package: *) pins
Tests in older releases should be the same, but it's not clear yet. Bug will be updated once the SRUs are ready.
[Regression potential]
The changes might introduce regressions in pinning. The pinning implementation in trusty is substantially different from the other releases, and should thus require more testing. |
[Impact]
These are not driven from a direct user experience, but are related to other developments:
(1) unattended-upgrades could use the never pinning to disable repositories rather than switching candidates. That would simplify code quite a bit.
(2) Packages-Require-Authorization lets a repository declare that downloading packages from it requires authorization. This is useful both for private repositories, as it can prevent unattended-upgrades failures if you remove authorization info; and it also allows creating a new form of semi-private repository, where only pool/ requires authorization.
[Test case]
Tests are included in autopkgtests and cover the common scenarios, except for trusty, where they have to be simulated:
https://salsa.debian.org/apt-team/apt/blob/master/test/integration/test-packages-require-authorization:
(1) Add repository with Packages-Require-Authorization and no auth.conf entry: pin -32768
(2) Add repository with Packages-Require-Authorization and a auth.conf entry: pin 500
(3) As (2), but a custom pin still applies
https://salsa.debian.org/apt-team/apt/blob/master/test/integration/test-policy-pinning#L365
(1) Test that Pin-Priority: never overrides both per-package pins and per-repository pins
(2) Test that Pin-Priority: never is only applied for per-repository (Package: *) pins
Tests in older releases should be the same, but it's not clear yet. Bug will be updated once the SRUs are ready.
[Regression potential]
The changes might introduce regressions in pinning. The pinning implementation in trusty is substantially different from the other releases, and should thus require more testing. |
|
| 2019-03-01 08:58:25 |
Julian Andres Klode |
nominated for series |
|
Ubuntu Xenial |
|
| 2019-03-01 08:58:25 |
Julian Andres Klode |
bug task added |
|
apt (Ubuntu Xenial) |
|
| 2019-03-01 08:58:25 |
Julian Andres Klode |
nominated for series |
|
Ubuntu Cosmic |
|
| 2019-03-01 08:58:25 |
Julian Andres Klode |
bug task added |
|
apt (Ubuntu Cosmic) |
|
| 2019-03-01 08:58:25 |
Julian Andres Klode |
nominated for series |
|
Ubuntu Trusty |
|
| 2019-03-01 08:58:25 |
Julian Andres Klode |
bug task added |
|
apt (Ubuntu Trusty) |
|
| 2019-03-01 08:58:25 |
Julian Andres Klode |
nominated for series |
|
Ubuntu Disco |
|
| 2019-03-01 08:58:25 |
Julian Andres Klode |
bug task added |
|
apt (Ubuntu Disco) |
|
| 2019-03-01 08:58:25 |
Julian Andres Klode |
nominated for series |
|
Ubuntu Bionic |
|
| 2019-03-01 08:58:25 |
Julian Andres Klode |
bug task added |
|
apt (Ubuntu Bionic) |
|
| 2019-03-01 09:13:05 |
Julian Andres Klode |
description |
[Impact]
These are not driven from a direct user experience, but are related to other developments:
(1) unattended-upgrades could use the never pinning to disable repositories rather than switching candidates. That would simplify code quite a bit.
(2) Packages-Require-Authorization lets a repository declare that downloading packages from it requires authorization. This is useful both for private repositories, as it can prevent unattended-upgrades failures if you remove authorization info; and it also allows creating a new form of semi-private repository, where only pool/ requires authorization.
[Test case]
Tests are included in autopkgtests and cover the common scenarios, except for trusty, where they have to be simulated:
https://salsa.debian.org/apt-team/apt/blob/master/test/integration/test-packages-require-authorization:
(1) Add repository with Packages-Require-Authorization and no auth.conf entry: pin -32768
(2) Add repository with Packages-Require-Authorization and a auth.conf entry: pin 500
(3) As (2), but a custom pin still applies
https://salsa.debian.org/apt-team/apt/blob/master/test/integration/test-policy-pinning#L365
(1) Test that Pin-Priority: never overrides both per-package pins and per-repository pins
(2) Test that Pin-Priority: never is only applied for per-repository (Package: *) pins
Tests in older releases should be the same, but it's not clear yet. Bug will be updated once the SRUs are ready.
[Regression potential]
The changes might introduce regressions in pinning. The pinning implementation in trusty is substantially different from the other releases, and should thus require more testing. |
[Impact]
These are not driven from a direct user experience, but are related to other developments:
(1) unattended-upgrades could use the never pinning to disable repositories rather than switching candidates. That would simplify code quite a bit.
(2) Packages-Require-Authorization lets a repository declare that downloading packages from it requires authorization. This is useful both for private repositories, as it can prevent unattended-upgrades failures if you remove authorization info; and it also allows creating a new form of semi-private repository, where only pool/ requires authorization.
[Test case]
Tests are included in autopkgtests and cover the common scenarios
https://salsa.debian.org/apt-team/apt/blob/master/test/integration/test-packages-require-authorization:
(1) Add repository with Packages-Require-Authorization and no auth.conf entry: pin -32768
(2) Add repository with Packages-Require-Authorization and a auth.conf entry: pin 500
(3) As (2), but a custom pin still applies
https://salsa.debian.org/apt-team/apt/blob/master/test/integration/test-policy-pinning#L365
(1) Test that Pin-Priority: never overrides both per-package pins and per-repository pins
(2) Test that Pin-Priority: never is only applied for per-repository (Package: *) pins
Tests in older releases should be the same, but it's not clear yet. Bug will be updated once the SRUs are ready.
[Regression potential]
The changes might introduce regressions in pinning. The pinning implementation in trusty is substantially different from the other releases, and should thus require more testing. |
|
| 2019-03-01 12:06:32 |
Julian Andres Klode |
apt (Ubuntu Trusty): status |
New |
In Progress |
|
| 2019-03-01 12:06:34 |
Julian Andres Klode |
apt (Ubuntu Xenial): status |
New |
In Progress |
|
| 2019-03-01 12:06:37 |
Julian Andres Klode |
apt (Ubuntu Bionic): status |
New |
In Progress |
|
| 2019-03-01 12:06:38 |
Julian Andres Klode |
apt (Ubuntu Cosmic): status |
New |
In Progress |
|
| 2019-03-01 12:06:41 |
Julian Andres Klode |
apt (Ubuntu Disco): status |
New |
In Progress |
|
| 2019-03-05 20:12:44 |
Brian Murray |
apt (Ubuntu Cosmic): status |
In Progress |
Incomplete |
|
| 2019-03-05 20:12:59 |
Brian Murray |
apt (Ubuntu Disco): status |
In Progress |
Incomplete |
|
| 2019-03-05 20:34:30 |
Julian Andres Klode |
apt (Ubuntu Disco): status |
Incomplete |
Fix Released |
|
| 2019-03-05 22:08:34 |
Brian Murray |
apt (Ubuntu Cosmic): status |
Incomplete |
Fix Committed |
|
| 2019-03-05 22:08:36 |
Brian Murray |
bug |
|
|
added subscriber Ubuntu Stable Release Updates Team |
| 2019-03-05 22:08:37 |
Brian Murray |
bug |
|
|
added subscriber SRU Verification |
| 2019-03-05 22:08:41 |
Brian Murray |
tags |
|
verification-needed verification-needed-cosmic |
|
| 2019-03-05 22:11:36 |
Brian Murray |
apt (Ubuntu Bionic): status |
In Progress |
Fix Committed |
|
| 2019-03-05 22:11:42 |
Brian Murray |
tags |
verification-needed verification-needed-cosmic |
verification-needed verification-needed-bionic verification-needed-cosmic |
|
| 2019-03-05 22:22:32 |
Brian Murray |
apt (Ubuntu Xenial): status |
In Progress |
Fix Committed |
|
| 2019-03-05 22:22:38 |
Brian Murray |
tags |
verification-needed verification-needed-bionic verification-needed-cosmic |
verification-needed verification-needed-bionic verification-needed-cosmic verification-needed-xenial |
|
| 2019-03-05 22:35:35 |
Brian Murray |
apt (Ubuntu Trusty): status |
In Progress |
Fix Committed |
|
| 2019-03-05 22:35:41 |
Brian Murray |
tags |
verification-needed verification-needed-bionic verification-needed-cosmic verification-needed-xenial |
verification-needed verification-needed-bionic verification-needed-cosmic verification-needed-trusty verification-needed-xenial |
|
| 2019-03-06 11:36:04 |
Julian Andres Klode |
description |
[Impact]
These are not driven from a direct user experience, but are related to other developments:
(1) unattended-upgrades could use the never pinning to disable repositories rather than switching candidates. That would simplify code quite a bit.
(2) Packages-Require-Authorization lets a repository declare that downloading packages from it requires authorization. This is useful both for private repositories, as it can prevent unattended-upgrades failures if you remove authorization info; and it also allows creating a new form of semi-private repository, where only pool/ requires authorization.
[Test case]
Tests are included in autopkgtests and cover the common scenarios
https://salsa.debian.org/apt-team/apt/blob/master/test/integration/test-packages-require-authorization:
(1) Add repository with Packages-Require-Authorization and no auth.conf entry: pin -32768
(2) Add repository with Packages-Require-Authorization and a auth.conf entry: pin 500
(3) As (2), but a custom pin still applies
https://salsa.debian.org/apt-team/apt/blob/master/test/integration/test-policy-pinning#L365
(1) Test that Pin-Priority: never overrides both per-package pins and per-repository pins
(2) Test that Pin-Priority: never is only applied for per-repository (Package: *) pins
Tests in older releases should be the same, but it's not clear yet. Bug will be updated once the SRUs are ready.
[Regression potential]
The changes might introduce regressions in pinning. The pinning implementation in trusty is substantially different from the other releases, and should thus require more testing. |
[Impact]
These are not driven from a direct user experience, but are related to other developments:
(1) unattended-upgrades could use the never pinning to disable repositories rather than switching candidates. That would simplify code quite a bit.
(2) Packages-Require-Authorization lets a repository declare that downloading packages from it requires authorization. This is useful both for private repositories, as it can prevent unattended-upgrades failures if you remove authorization info; and it also allows creating a new form of semi-private repository, where only pool/ requires authorization.
[Test case]
Tests are included in autopkgtests and cover the common scenarios
https://salsa.debian.org/apt-team/apt/blob/master/test/integration/test-packages-require-authorization:
(1) Add repository with Packages-Require-Authorization and no auth.conf entry: pin -32768
(2) Add repository with Packages-Require-Authorization and a auth.conf entry: pin 500
(3) As (2), but a custom pin still applies
https://salsa.debian.org/apt-team/apt/blob/master/test/integration/test-policy-pinning#L365
(1) Test that Pin-Priority: never overrides both per-package pins and per-repository pins
(2) Test that Pin-Priority: never is only applied for per-repository (Package: *) pins
[Regression potential]
The changes might introduce regressions in pinning. The pinning implementation in trusty is substantially different from the other releases, and should thus require more testing. |
|
| 2019-03-06 11:37:16 |
Julian Andres Klode |
tags |
verification-needed verification-needed-bionic verification-needed-cosmic verification-needed-trusty verification-needed-xenial |
verification-done verification-done-bionic verification-done-cosmic verification-done-trusty verification-done-xenial |
|
| 2019-03-14 12:09:04 |
Łukasz Zemczak |
tags |
verification-done verification-done-bionic verification-done-cosmic verification-done-trusty verification-done-xenial |
verification-done-bionic verification-done-trusty verification-done-xenial verification-needed verification-needed-cosmic |
|
| 2019-03-14 12:12:52 |
Łukasz Zemczak |
tags |
verification-done-bionic verification-done-trusty verification-done-xenial verification-needed verification-needed-cosmic |
verification-done-trusty verification-done-xenial verification-needed verification-needed-bionic verification-needed-cosmic |
|
| 2019-03-14 12:15:42 |
Łukasz Zemczak |
tags |
verification-done-trusty verification-done-xenial verification-needed verification-needed-bionic verification-needed-cosmic |
verification-done-trusty verification-needed verification-needed-bionic verification-needed-cosmic verification-needed-xenial |
|
| 2019-03-14 12:22:05 |
Łukasz Zemczak |
tags |
verification-done-trusty verification-needed verification-needed-bionic verification-needed-cosmic verification-needed-xenial |
verification-needed verification-needed-bionic verification-needed-cosmic verification-needed-trusty verification-needed-xenial |
|
| 2019-03-15 09:12:35 |
Julian Andres Klode |
tags |
verification-needed verification-needed-bionic verification-needed-cosmic verification-needed-trusty verification-needed-xenial |
verification-done verification-done-bionic verification-done-cosmic verification-done-trusty verification-done-xenial |
|
| 2019-03-21 10:14:05 |
Łukasz Zemczak |
removed subscriber Ubuntu Stable Release Updates Team |
|
|
|
| 2019-03-21 10:14:15 |
Launchpad Janitor |
apt (Ubuntu Cosmic): status |
Fix Committed |
Fix Released |
|
| 2019-03-21 10:28:38 |
Launchpad Janitor |
apt (Ubuntu Bionic): status |
Fix Committed |
Fix Released |
|
| 2019-03-21 11:00:26 |
Launchpad Janitor |
apt (Ubuntu Xenial): status |
Fix Committed |
Fix Released |
|
| 2019-03-21 11:00:26 |
Launchpad Janitor |
cve linked |
|
2019-3462 |
|
| 2019-03-21 11:05:31 |
Launchpad Janitor |
apt (Ubuntu Trusty): status |
Fix Committed |
Fix Released |
|
