Openssl should integrate with needrestart better
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| openssl (Ubuntu) |
Fix Released
|
Wishlist
|
Unassigned | ||
Bug Description
[Impact]
* needrestart is a better solution to track and restart services that use openssl
* when needrestart is available, openssl should not ask about restarting services or rebooting the host, as needrestart is a better way to report that.
[Test Case]
* Install needrestart
* Upgrade openssl
* Observe that openssl debconf questions about restarting services are not raised, and requirement to reboot the system is not raised
[Regression Potential]
* Needrestart may be installed, but dpkg/apt hooks could have been disabled, in such scenarios one may not see any notifications that one needs to do something to their system to ensure that openssl using applications are restarted to become protected.
[Other Info]
* glibc, libpam potentially need similar fixes.
| Changed in openssl (Ubuntu): | |
| status: | New → Triaged |
| importance: | Undecided → Low |
| importance: | Low → Wishlist |
| Launchpad Janitor (janitor) wrote | #1 |
| Changed in openssl (Ubuntu): | |
| status: | Triaged → Fix Released |
This bug was fixed in the package openssl - 1.1.1f-1ubuntu4
---------------
openssl (1.1.1f-1ubuntu4) groovy; urgency=medium
* Cherrypick upstream fix for non-interactive detection on Linux. LP:
#1879826
* Cherrypick AES CTR-DRGB: performance improvement LP: #1799928
* Skip services restart & reboot notification if needrestart is in-use
LP: #1895708
-- Dimitri John Ledkov <email address hidden> Tue, 15 Sep 2020 18:04:36 +0100