False positive security update

Bug #1878730 reported by Ivan Kurnosov
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
update-notifier (Ubuntu)
New
Undecided
Unassigned

Bug Description

Running `/usr/lib/update-notifier/apt-check` returns `119;1`

If I patch the code to see what package is to be upgraded (eg in the `isSecurityUpgrade` function) - it shows `libpq5`.

The machine has nothing to do and had never ever installed postgresql client

And at the moment it's not installed either

```
$ apt policy libpq5
libpq5:
  Installed: (none)
  Candidate: 10.12-0ubuntu0.18.04.1
  Version table:
     10.12-0ubuntu0.18.04.1 500
        500 http://nz.archive.ubuntu.com/ubuntu bionic-updates/main amd64 Packages
        500 http://security.ubuntu.com/ubuntu bionic-security/main amd64 Packages
     10.3-1 500
        500 http://nz.archive.ubuntu.com/ubuntu bionic/main amd64 Packages
```

After debugging some more it looks like

```
            if not (depcache.marked_install(pkg) or
                    depcache.marked_upgrade(pkg)):
                continue
```

this is the condition to blame: I expect the predicate in parentheses to be false - as the package is not marker for install or upgrade.

Revision history for this message
Ivan Kurnosov (zerkms) wrote :

Upd: it's not a single unique case, I have a bunch of other machines (with different roles and a set of installed packages) and all them report `libpq5` as outdated (yet none of them have even it installed)

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.