| 2017-04-03 17:54:01 |
Dan Watkins |
bug |
|
|
added bug |
| 2017-04-03 17:56:29 |
Launchpad Janitor |
livecd-rootfs (Ubuntu): status |
New |
Confirmed |
|
| 2017-04-03 17:59:42 |
Dan Watkins |
nominated for series |
|
Ubuntu Xenial |
|
| 2017-04-03 18:03:45 |
Edward Vielmetti |
bug watch added |
|
https://github.com/docker-library/official-images/issues/2804 |
|
| 2017-04-03 18:03:45 |
Edward Vielmetti |
cve linked |
|
2017-7184 |
|
| 2017-04-03 18:04:33 |
Edward Vielmetti |
bug task added |
|
livecd-rootfs |
|
| 2017-04-03 18:09:26 |
Dan Watkins |
attachment added |
|
debdiff https://bugs.launchpad.net/ubuntu/+source/livecd-rootfs/+bug/1679252/+attachment/4853750/+files/debdiff |
|
| 2017-04-03 18:19:32 |
Edward Vielmetti |
bug |
|
|
added subscriber Edward Vielmetti |
| 2017-04-03 18:24:43 |
Dan Watkins |
description |
In the fix for bug 1513529, we[0] modified livecd-rootfs to write out a sources.list that matches the sources.list in Ubuntu Server installed from an ISO. We (presumably) compared to an Intel installation, and hard-coded security.ubuntu.com as a repo in sources.list.
Unfortunately, packages for non-Intel architectures aren't published to security.ubuntu.com; they are instead published at http://ports.ubuntu.com/ubuntu-ports/. That should be the URL that we configure as the source for $SUITE-security.
[0] Well, *ahem*, _I_. |
[Impact]
Users who don't get a fresh sources.list written out on first boot (e.g. Docker users) can't install updates from xenial-security on non-Intel architectures.
[Test Case]
Run an ubuntu-cpc livefs build for a non-Intel architecture, unpack one of the produced root tarballs, chroot in to it and perform an `apt-get update`. You should see no errors.
[Regression Potential]
This change modifies the sources that apt will use for updates, so the biggest risk for regression is that the fix is malformed and systems become un-updateable (either partially or fully). The test above should catch this.
[Original Report]
In the fix for bug 1513529, we[0] modified livecd-rootfs to write out a sources.list that matches the sources.list in Ubuntu Server installed from an ISO. We (presumably) compared to an Intel installation, and hard-coded security.ubuntu.com as a repo in sources.list.
Unfortunately, packages for non-Intel architectures aren't published to security.ubuntu.com; they are instead published at http://ports.ubuntu.com/ubuntu-ports/. That should be the URL that we configure as the source for $SUITE-security.
[0] Well, *ahem*, _I_. |
|
| 2017-04-03 18:25:33 |
Dan Watkins |
summary |
Non-Intel architectures are configured with security repos that don't work |
Cloud image tarballs for non-Intel architectures are configured with security repos that don't work |
|
| 2017-04-03 18:25:44 |
Dan Watkins |
summary |
Cloud image tarballs for non-Intel architectures are configured with security repos that don't work |
Cloud images for non-Intel architectures are configured with security repos that don't work |
|
| 2017-04-04 00:27:46 |
Ubuntu Foundations Team Bug Bot |
tags |
|
patch |
|
| 2017-04-04 02:04:27 |
Bug Watch Updater |
livecd-rootfs: status |
Unknown |
New |
|
| 2017-04-04 02:23:23 |
Edward Vielmetti |
bug watch added |
|
https://github.com/docker/docker/issues/32335 |
|
| 2017-04-04 15:22:26 |
Adam Conrad |
bug task added |
|
livecd-rootfs (Ubuntu Xenial) |
|
| 2017-04-04 15:28:53 |
Launchpad Janitor |
branch linked |
|
lp:~ubuntu-core-dev/livecd-rootfs/xenial-proposed |
|
| 2017-04-04 15:33:44 |
Adam Conrad |
bug task deleted |
livecd-rootfs |
|
|
| 2017-04-04 15:34:00 |
Adam Conrad |
livecd-rootfs (Ubuntu): status |
Confirmed |
Fix Released |
|
| 2017-04-04 15:35:18 |
Adam Conrad |
livecd-rootfs (Ubuntu Xenial): status |
New |
Fix Committed |
|
| 2017-04-04 15:35:21 |
Adam Conrad |
bug |
|
|
added subscriber Ubuntu Stable Release Updates Team |
| 2017-04-04 15:35:24 |
Adam Conrad |
bug |
|
|
added subscriber SRU Verification |
| 2017-04-04 15:35:30 |
Adam Conrad |
tags |
patch |
patch verification-needed |
|
| 2017-04-05 19:14:02 |
Dan Watkins |
tags |
patch verification-needed |
patch verification-failed |
|
| 2017-04-06 19:03:12 |
mahmoh |
bug |
|
|
added subscriber M.Morana |
| 2017-04-06 19:25:00 |
Edward Vielmetti |
bug watch added |
|
https://github.com/tianon/jenkins-groovy/issues/24 |
|
| 2017-04-07 16:37:31 |
Tianon Gravi |
bug |
|
|
added subscriber Tianon Gravi |
| 2017-04-07 19:54:07 |
Dan Watkins |
attachment added |
|
debdiff https://bugs.launchpad.net/ubuntu/+source/livecd-rootfs/+bug/1679252/+attachment/4857616/+files/debdiff |
|
| 2017-04-08 06:55:37 |
Steve Langasek |
tags |
patch verification-failed |
patch |
|
| 2017-04-08 06:55:38 |
Steve Langasek |
tags |
patch |
patch verification-needed |
|
| 2017-04-10 15:26:41 |
Dan Watkins |
tags |
patch verification-needed |
patch verification-done |
|
| 2017-04-10 15:54:52 |
Steve Langasek |
removed subscriber Ubuntu Stable Release Updates Team |
|
|
|
| 2017-04-10 15:55:20 |
Launchpad Janitor |
livecd-rootfs (Ubuntu Xenial): status |
Fix Committed |
Fix Released |
|
| 2017-09-29 17:46:07 |
Francis Ginther |
tags |
patch verification-done |
id-58e294093da7aa124fcea8a5 patch verification-done |
|
