[SRU] Unattended-upgrades silently does not apply updates when MinimalSteps is disabled and there are autoremovable kernels
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
unattended-upgrades (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned | ||
Xenial |
Fix Released
|
Undecided
|
Unassigned | ||
Bionic |
Fix Released
|
Undecided
|
Unassigned | ||
Disco |
Fix Released
|
Undecided
|
Unassigned | ||
Eoan |
Fix Released
|
Undecided
|
Unassigned |
Bug Description
[Impact]
* When autoremovable kernel packages are present on the system, there are updates to apply and Unattended-
* The root cause is u-u not cleaning the dirty cache between operations and also relying on having a cache with packages marked to be installed when applying updates in one shot.
* The fix is clearing the cache between operations and marking packages before installing them in one shot.
[Test Case]
* Install kernel-related packages, mark them as automatically installed to make them auto-removable ones.
* Downgrade a few packages to a version lower than what is present in the security pocket.
* Set Unattended-
# echo 'Unattended-
* Run u-u:
# unattended-upgrade --verbose --debug
* Observe fixed versions removing the kernel packages properly and also upgrading packages.
[Regression Potential]
* The changes introduce marking packages to install/upgrade and clearing the cache more often. The added operations slow down u-u, but clearing the cache adds a few 100 milliseconds on typical hardware and marking upgradable packages is also in the same range.
* Functional regressions are unlikely due to those changes since the fixes are present in 19.04 and later releases and the extensive autopkgtest also covers when upgrades are performed in minimal steps.
[Other Info]
* While this bug has a security impact by holding back installation of security updates I don't recommend releasing the fix via the security pocket because this bug occurs only when the local configuration file of u-u is changed and u-u does not hold back upgrades with UCF-managed config file conflicts.
See: https:/
description: | updated |
summary: |
- [SRU] Unattended-upgrades does not apply updates when MinimalSteps is - disabled and there are autoremovable kernels + [SRU] Unattended-upgrades silently does not apply updates when + MinimalSteps is disabled and there are autoremovable kernels |
information type: | Public → Public Security |
Changed in unattended-upgrades (Ubuntu): | |
status: | Confirmed → Fix Released |
Changed in unattended-upgrades (Ubuntu Disco): | |
status: | New → Fix Released |
Changed in unattended-upgrades (Ubuntu Eoan): | |
status: | New → Fix Released |
tags: | added: id-5ddbf97425c5f4266c2b848a |
Status changed to 'Confirmed' because the bug affects multiple users.