| 2019-12-19 21:02:02 |
Chad Smith |
bug |
|
|
added bug |
| 2019-12-19 21:02:31 |
Chad Smith |
nominated for series |
|
Ubuntu Bionic |
|
| 2019-12-19 21:02:31 |
Chad Smith |
bug task added |
|
unattended-upgrades (Ubuntu Bionic) |
|
| 2019-12-19 21:02:31 |
Chad Smith |
nominated for series |
|
Ubuntu Trusty |
|
| 2019-12-19 21:02:31 |
Chad Smith |
bug task added |
|
unattended-upgrades (Ubuntu Trusty) |
|
| 2019-12-19 21:02:31 |
Chad Smith |
nominated for series |
|
Ubuntu Xenial |
|
| 2019-12-19 21:02:31 |
Chad Smith |
bug task added |
|
unattended-upgrades (Ubuntu Xenial) |
|
| 2019-12-19 21:13:41 |
Chad Smith |
summary |
Please add ${distro_id}ESM:${distro_codename}-infra-security and t${distro_id}ESM:${distro_codename}-apps-securityo allowed origins (on Ubuntu) |
Please add ${distro_id}ESM:${distro_codename}-infra-security and ${distro_id}ESM:${distro_codename}-apps-security to allowed origins (on Ubuntu) |
|
| 2019-12-19 21:30:37 |
Joshua Powers |
bug |
|
|
added subscriber Joshua Powers |
| 2019-12-31 12:54:09 |
Michael Russell |
bug |
|
|
added subscriber Michael Russell |
| 2020-01-16 19:54:11 |
Balint Reczey |
unattended-upgrades (Ubuntu): status |
New |
Incomplete |
|
| 2020-01-16 19:54:14 |
Balint Reczey |
unattended-upgrades (Ubuntu): status |
Incomplete |
In Progress |
|
| 2020-01-16 19:55:48 |
Balint Reczey |
unattended-upgrades (Ubuntu): importance |
Undecided |
High |
|
| 2020-01-16 20:29:42 |
Balint Reczey |
unattended-upgrades (Ubuntu): status |
In Progress |
Incomplete |
|
| 2020-01-16 21:16:15 |
Chad Smith |
description |
ESM <distro>-infra-security and <distro>-apps-security will need to participate in unattended upgrades. |
ESM <distro>-infra-security and <distro>-apps-security will need to participate in unattended upgrades.
Currently /etc/apt/apt.conf.d/50unattended-upgrades provides:
Unattended-Upgrade::Allowed-Origins {
"${distro_id}ESM:${distro_codename}";
}
Given that there have been ESM apt pocket renames over the last few months, the above ESM allowed-origin should not apply anymore and can be dropped or replaced.
See RT #C122697 and #C121067 for the pocket/suite renames related to ESM
What is needed after the ESM apt pocket/suite renames:
Support for unattended upgrades for ESM for Infrastructure customers:
Unattended-Upgrade::Allowed-Origins {
// Extended Security Maintenance; doesn't necessarily exist for
// every release and this system may not have it installed, but if
// available, the policy for updates is such that unattended-upgrades
// should also install from here by default.
"${distro_id}ESM:${distro_codename}-infra-security";
"${distro_id}ESMApps:${distro_codename}-apps-security";
};
Confirmed proper origin on an attached Trusty instance with ESM-infra enabled:
500 https://esm.ubuntu.com/ubuntu/ trusty-infra-security/main amd64 Packages
release v=14.04,o=UbuntuESM,a=trusty-infra-security,n=trusty,l=UbuntuESM,c=main
Confirmed proper origins on Bionic for enabled ESM-infra and ESM-apps on an AWS Ubuntu PRO instance:
500 https://esm.ubuntu.com/infra/ubuntu bionic-infra-security/main amd64 Packages
release v=18.04,o=UbuntuESM,a=bionic-infra-security,n=bionic,l=UbuntuESM,c=main,b=amd64
500 https://esm.ubuntu.com/apps/ubuntu bionic-apps-security/main amd64 Packages
release v=18.04,o=UbuntuESMApps,a=bionic-apps-security,n=bionic,l=UbuntuESMApps,c=main,b=amd64 |
|
| 2020-01-16 21:16:33 |
Chad Smith |
description |
ESM <distro>-infra-security and <distro>-apps-security will need to participate in unattended upgrades.
Currently /etc/apt/apt.conf.d/50unattended-upgrades provides:
Unattended-Upgrade::Allowed-Origins {
"${distro_id}ESM:${distro_codename}";
}
Given that there have been ESM apt pocket renames over the last few months, the above ESM allowed-origin should not apply anymore and can be dropped or replaced.
See RT #C122697 and #C121067 for the pocket/suite renames related to ESM
What is needed after the ESM apt pocket/suite renames:
Support for unattended upgrades for ESM for Infrastructure customers:
Unattended-Upgrade::Allowed-Origins {
// Extended Security Maintenance; doesn't necessarily exist for
// every release and this system may not have it installed, but if
// available, the policy for updates is such that unattended-upgrades
// should also install from here by default.
"${distro_id}ESM:${distro_codename}-infra-security";
"${distro_id}ESMApps:${distro_codename}-apps-security";
};
Confirmed proper origin on an attached Trusty instance with ESM-infra enabled:
500 https://esm.ubuntu.com/ubuntu/ trusty-infra-security/main amd64 Packages
release v=14.04,o=UbuntuESM,a=trusty-infra-security,n=trusty,l=UbuntuESM,c=main
Confirmed proper origins on Bionic for enabled ESM-infra and ESM-apps on an AWS Ubuntu PRO instance:
500 https://esm.ubuntu.com/infra/ubuntu bionic-infra-security/main amd64 Packages
release v=18.04,o=UbuntuESM,a=bionic-infra-security,n=bionic,l=UbuntuESM,c=main,b=amd64
500 https://esm.ubuntu.com/apps/ubuntu bionic-apps-security/main amd64 Packages
release v=18.04,o=UbuntuESMApps,a=bionic-apps-security,n=bionic,l=UbuntuESMApps,c=main,b=amd64 |
ESM <distro>-infra-security and <distro>-apps-security will need to participate in unattended upgrades.
Currently /etc/apt/apt.conf.d/50unattended-upgrades provides:
Unattended-Upgrade::Allowed-Origins {
"${distro_id}ESM:${distro_codename}";
}
Given that there have been ESM apt pocket renames over the last few months, the above ESM allowed-origin should not apply anymore and can be dropped or replaced.
See RT #C122697 and #C121067 for the pocket/suite renames related to ESM
What is needed after the ESM apt pocket/suite renames:
Support for unattended upgrades for ESM for Infrastructure customers:
Unattended-Upgrade::Allowed-Origins {
// Extended Security Maintenance; doesn't necessarily exist for
// every release and this system may not have it installed, but if
// available, the policy for updates is such that unattended-upgrades
// should also install from here by default.
"${distro_id}ESM:${distro_codename}-infra-security";
"${distro_id}ESMApps:${distro_codename}-apps-security";
};
=== Confirmed proper origin on an attached Trusty instance with ESM-infra enabled:
500 https://esm.ubuntu.com/ubuntu/ trusty-infra-security/main amd64 Packages
release v=14.04,o=UbuntuESM,a=trusty-infra-security,n=trusty,l=UbuntuESM,c=main
=== Confirmed proper origins on Bionic for enabled ESM-infra and ESM-apps on an AWS Ubuntu PRO instance:
500 https://esm.ubuntu.com/infra/ubuntu bionic-infra-security/main amd64 Packages
release v=18.04,o=UbuntuESM,a=bionic-infra-security,n=bionic,l=UbuntuESM,c=main,b=amd64
500 https://esm.ubuntu.com/apps/ubuntu bionic-apps-security/main amd64 Packages
release v=18.04,o=UbuntuESMApps,a=bionic-apps-security,n=bionic,l=UbuntuESMApps,c=main,b=amd64 |
|
| 2020-01-16 21:18:21 |
Chad Smith |
summary |
Please add ${distro_id}ESM:${distro_codename}-infra-security and ${distro_id}ESM:${distro_codename}-apps-security to allowed origins (on Ubuntu) |
Please add ${distro_id}ESM:${distro_codename}-infra-security and ${distro_id}ESMApps:${distro_codename}-apps-security to allowed origins (on Ubuntu) |
|
| 2020-01-18 02:28:25 |
Chad Smith |
unattended-upgrades (Ubuntu): status |
Incomplete |
New |
|
| 2020-01-23 06:28:32 |
Joshua Powers |
description |
ESM <distro>-infra-security and <distro>-apps-security will need to participate in unattended upgrades.
Currently /etc/apt/apt.conf.d/50unattended-upgrades provides:
Unattended-Upgrade::Allowed-Origins {
"${distro_id}ESM:${distro_codename}";
}
Given that there have been ESM apt pocket renames over the last few months, the above ESM allowed-origin should not apply anymore and can be dropped or replaced.
See RT #C122697 and #C121067 for the pocket/suite renames related to ESM
What is needed after the ESM apt pocket/suite renames:
Support for unattended upgrades for ESM for Infrastructure customers:
Unattended-Upgrade::Allowed-Origins {
// Extended Security Maintenance; doesn't necessarily exist for
// every release and this system may not have it installed, but if
// available, the policy for updates is such that unattended-upgrades
// should also install from here by default.
"${distro_id}ESM:${distro_codename}-infra-security";
"${distro_id}ESMApps:${distro_codename}-apps-security";
};
=== Confirmed proper origin on an attached Trusty instance with ESM-infra enabled:
500 https://esm.ubuntu.com/ubuntu/ trusty-infra-security/main amd64 Packages
release v=14.04,o=UbuntuESM,a=trusty-infra-security,n=trusty,l=UbuntuESM,c=main
=== Confirmed proper origins on Bionic for enabled ESM-infra and ESM-apps on an AWS Ubuntu PRO instance:
500 https://esm.ubuntu.com/infra/ubuntu bionic-infra-security/main amd64 Packages
release v=18.04,o=UbuntuESM,a=bionic-infra-security,n=bionic,l=UbuntuESM,c=main,b=amd64
500 https://esm.ubuntu.com/apps/ubuntu bionic-apps-security/main amd64 Packages
release v=18.04,o=UbuntuESMApps,a=bionic-apps-security,n=bionic,l=UbuntuESMApps,c=main,b=amd64 |
[Impact]
* Changes to the ESM repo naming and the introduction of the new esm-infra and esm-apps suites require an update to unattended-upgrades to ensure the security pockets are used.
* This change will ensure users are actually receiving updates, where as today they will not without making manual changes.
[Test Case]
* 1) Bionic and Xenial ESM-Apps/ESM-infra with Ubuntu Pro
* 2) Trusty ESM
[Regression Potential]
* This change is ensuring users actually receive security updates when using ESM. Therefore, 1) users of ESM-apps on Ubuntu Pro and 2) ESM-infra on Trusty will be the only users affected.
* The possible issue would be if/when users receive actual security updates that then regress or cause issues to the system.
[Other Info]
Previous description:
ESM <distro>-infra-security and <distro>-apps-security will need to participate in unattended upgrades.
Currently /etc/apt/apt.conf.d/50unattended-upgrades provides:
Unattended-Upgrade::Allowed-Origins {
"${distro_id}ESM:${distro_codename}";
}
Given that there have been ESM apt pocket renames over the last few months, the above ESM allowed-origin should not apply anymore and can be dropped or replaced.
See RT #C122697 and #C121067 for the pocket/suite renames related to ESM
What is needed after the ESM apt pocket/suite renames:
Support for unattended upgrades for ESM for Infrastructure customers:
Unattended-Upgrade::Allowed-Origins {
// Extended Security Maintenance; doesn't necessarily exist for
// every release and this system may not have it installed, but if
// available, the policy for updates is such that unattended-upgrades
// should also install from here by default.
"${distro_id}ESM:${distro_codename}-infra-security";
"${distro_id}ESMApps:${distro_codename}-apps-security";
};
=== Confirmed proper origin on an attached Trusty instance with ESM-infra enabled:
500 https://esm.ubuntu.com/ubuntu/ trusty-infra-security/main amd64 Packages
release v=14.04,o=UbuntuESM,a=trusty-infra-security,n=trusty,l=UbuntuESM,c=main
=== Confirmed proper origins on Bionic for enabled ESM-infra and ESM-apps on an AWS Ubuntu PRO instance:
500 https://esm.ubuntu.com/infra/ubuntu bionic-infra-security/main amd64 Packages
release v=18.04,o=UbuntuESM,a=bionic-infra-security,n=bionic,l=UbuntuESM,c=main,b=amd64
500 https://esm.ubuntu.com/apps/ubuntu bionic-apps-security/main amd64 Packages
release v=18.04,o=UbuntuESMApps,a=bionic-apps-security,n=bionic,l=UbuntuESMApps,c=main,b=amd64 |
|
| 2020-01-27 13:29:50 |
Francis Ginther |
tags |
|
id-5e2af6c2292b6f85495764a9 |
|
| 2020-01-28 16:45:02 |
Chad Smith |
unattended-upgrades (Ubuntu): status |
New |
In Progress |
|
| 2020-02-06 23:14:35 |
Launchpad Janitor |
unattended-upgrades (Ubuntu): status |
In Progress |
Fix Released |
|
| 2020-02-17 17:23:16 |
Łukasz Zemczak |
unattended-upgrades (Ubuntu Eoan): status |
New |
Fix Committed |
|
| 2020-02-17 17:23:17 |
Łukasz Zemczak |
bug |
|
|
added subscriber Ubuntu Stable Release Updates Team |
| 2020-02-17 17:23:19 |
Łukasz Zemczak |
bug |
|
|
added subscriber SRU Verification |
| 2020-02-17 17:23:22 |
Łukasz Zemczak |
tags |
id-5e2af6c2292b6f85495764a9 |
id-5e2af6c2292b6f85495764a9 verification-needed verification-needed-eoan |
|
| 2020-02-17 17:40:18 |
Łukasz Zemczak |
unattended-upgrades (Ubuntu Bionic): status |
New |
Fix Committed |
|
| 2020-02-17 17:40:22 |
Łukasz Zemczak |
tags |
id-5e2af6c2292b6f85495764a9 verification-needed verification-needed-eoan |
id-5e2af6c2292b6f85495764a9 verification-needed verification-needed-bionic verification-needed-eoan |
|
| 2020-02-17 17:41:17 |
Łukasz Zemczak |
unattended-upgrades (Ubuntu Xenial): status |
New |
Fix Committed |
|
| 2020-02-17 17:41:23 |
Łukasz Zemczak |
tags |
id-5e2af6c2292b6f85495764a9 verification-needed verification-needed-bionic verification-needed-eoan |
id-5e2af6c2292b6f85495764a9 verification-needed verification-needed-bionic verification-needed-eoan verification-needed-xenial |
|
| 2020-02-19 00:43:12 |
Chad Smith |
tags |
id-5e2af6c2292b6f85495764a9 verification-needed verification-needed-bionic verification-needed-eoan verification-needed-xenial |
id-5e2af6c2292b6f85495764a9 verification-done-bionic verification-needed verification-needed-eoan verification-needed-xenial |
|
| 2020-02-19 04:01:28 |
Chad Smith |
tags |
id-5e2af6c2292b6f85495764a9 verification-done-bionic verification-needed verification-needed-eoan verification-needed-xenial |
id-5e2af6c2292b6f85495764a9 verification-dibe-xenial verification-done-bionic verification-needed verification-needed-eoan |
|
| 2020-02-19 04:26:13 |
Chad Smith |
tags |
id-5e2af6c2292b6f85495764a9 verification-dibe-xenial verification-done-bionic verification-needed verification-needed-eoan |
id-5e2af6c2292b6f85495764a9 verification-dibe-xenial verification-done-bionic verification-failed-eoan verification-needed |
|
| 2020-02-19 15:25:26 |
Joshua Powers |
tags |
id-5e2af6c2292b6f85495764a9 verification-dibe-xenial verification-done-bionic verification-failed-eoan verification-needed |
id-5e2af6c2292b6f85495764a9 verification-dibe-xenial verification-done-bionic verification-needed verification-needed-eoan |
|
| 2020-02-19 15:26:00 |
Joshua Powers |
tags |
id-5e2af6c2292b6f85495764a9 verification-dibe-xenial verification-done-bionic verification-needed verification-needed-eoan |
id-5e2af6c2292b6f85495764a9 verification-done-bionic verification-done-xenial verification-needed verification-needed-eoan |
|
| 2020-02-21 18:47:48 |
Steve Langasek |
unattended-upgrades (Ubuntu Trusty): status |
New |
Won't Fix |
|
| 2020-02-21 19:08:18 |
Joshua Powers |
unattended-upgrades (Ubuntu Trusty): status |
Won't Fix |
In Progress |
|
| 2020-02-21 20:28:18 |
Chad Smith |
tags |
id-5e2af6c2292b6f85495764a9 verification-done-bionic verification-done-xenial verification-needed verification-needed-eoan |
id-5e2af6c2292b6f85495764a9 verification-done verification-done-bionic verification-done-eoan verification-done-xenial |
|
| 2020-02-21 20:30:03 |
Chad Smith |
tags |
id-5e2af6c2292b6f85495764a9 verification-done verification-done-bionic verification-done-eoan verification-done-xenial |
id-5e2af6c2292b6f85495764a9 verification-done verification-done-bionic verification-done-xenial verification-needed-eoan |
|
| 2020-02-21 21:09:50 |
Chad Smith |
tags |
id-5e2af6c2292b6f85495764a9 verification-done verification-done-bionic verification-done-xenial verification-needed-eoan |
id-5e2af6c2292b6f85495764a9 verification-done verification-done-bionic verification-done-eoan verification-done-xenial |
|
| 2020-02-21 21:10:03 |
Chad Smith |
unattended-upgrades (Ubuntu Trusty): status |
In Progress |
Won't Fix |
|
| 2020-02-27 11:31:39 |
Launchpad Janitor |
unattended-upgrades (Ubuntu Eoan): status |
Fix Committed |
Fix Released |
|
| 2020-02-27 11:31:44 |
Łukasz Zemczak |
removed subscriber Ubuntu Stable Release Updates Team |
|
|
|
| 2020-02-27 11:35:57 |
Launchpad Janitor |
unattended-upgrades (Ubuntu Bionic): status |
Fix Committed |
Fix Released |
|
| 2020-02-27 11:37:04 |
Launchpad Janitor |
unattended-upgrades (Ubuntu Xenial): status |
Fix Committed |
Fix Released |
|
