openssl maintainer scripts do not trigger services restart
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
openssl (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned | ||
Bionic |
Fix Released
|
Undecided
|
Unassigned | ||
Cosmic |
Won't Fix
|
Undecided
|
Unassigned | ||
Disco |
Fix Released
|
Undecided
|
Unassigned |
Bug Description
[Impact]
* Major libssl ugprades require services to be restarted, for them to continue to function correctly at runtime.
* The maintainer scripts were not adjusted to trigger.
[Test Case]
* Install bionic from release pocket and install ssl using daemon e.g. openssh-server libapache-mod-ssl
* Upgrade libssl1.1
* Ensure that services that use openssl are offered to be restarted.
[Regression Potential]
* We are rebuilding libssl1.1 and changing maintainer scripts. Given that we have missed upgrade trigger, we will ask users to restart services again even if they may have restarted them already.
[Other Info]
* Previous major libssl upgrade issue of similar nature was
https:/
CVE References
Changed in openssl (Ubuntu): | |
status: | Confirmed → Fix Committed |
Changed in openssl (Ubuntu Cosmic): | |
status: | Fix Committed → Won't Fix |
tags: | removed: removal-candidate verification-needed verification-needed-cosmic |
Hello Dimitri, or anyone else affected,
Accepted openssl into bionic-proposed. The package will build now and be available at https:/ /launchpad. net/ubuntu/ +source/ openssl/ 1.1.1-1ubuntu2. 1~18.04. 2 in a few hours, and then in the -proposed repository.
Please help us by testing this new package. See https:/ /wiki.ubuntu. com/Testing/ EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.
If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested and change the tag from verification- needed- bionic to verification- done-bionic. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification- failed- bionic. In either case, without details of your testing we will not be able to proceed.
Further information regarding the verification process can be found at https:/ /wiki.ubuntu. com/QATeam/ PerformingSRUVe rification . Thank you in advance for helping!
N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days.