Package: unattended-upgrades
Version: 0.83.3
see also
https://bugs.launchpad.net/ubuntu/+source/unattended-upgrades/+bug/1167053
If APT::Get::AllowUnauthenticated is set to true, it looks like no package
validation is done and no packages will be installed because all untrusted
packages are silently added to the blacklist
If a package is added to the blacklist, it should log why, and if
unauthenticated packages are allowed, they should not be added to the blacklist
I would suggest one of the two patches below be applied
David Lang
--- /usr/bin/unattended-upgrade 2014-04-02 13:52:19.000000000 -0700
+++ /usr/bin/unattended-upgrade.local 2015-01-15 17:26:47.273378190 -0800
@@ -1028,7 +1028,8 @@
logging.error("Download finished, but file '%s' not "
"there?!?" % item.destfile)
sys.exit(1)
- if not item.is_trusted:
+ if not item.is_trusted and not apt_pkg.config.find_b(
+ "APT::Get::AllowUnauthenticated", True):
blacklisted_pkgs.append(pkgname_from_deb(item.destfile))
if conffile_prompt(item.destfile):
# skip package (means to re-run the whole marking again
or possibly
--- /usr/bin/unattended-upgrade 2014-04-02 13:52:19.000000000 -0700
+++ /usr/bin/unattended-upgrade.local 2015-01-15 17:26:47.273378190 -0800
@@ -1028,7 +1028,8 @@
logging.error("Download finished, but file '%s' not "
"there?!?" % item.destfile)
sys.exit(1)
- if not item.is_trusted:
+ if not item.is_trusted and not apt_pkg.config.find_b(
+ "APT::Get::AllowUnauthenticated", True):
blacklisted_pkgs.append(pkgname_from_deb(item.destfile))
+ logging.debug("%s blacklisted because it's not trusted"
% pkgname_from_deb(item.destfile))
if conffile_prompt(item.destfile):
# skip package (means to re-run the whole marking again
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
