This bug was fixed in the package unattended-upgrades - 2.5
---------------
unattended-upgrades (2.5) unstable; urgency=medium
[ Jose Manuel Santamaria Lema ]
* Fix crash occuring when strict whitelist is in use (LP: #1883082)
[ Balint Reczey ]
* Fix indentation and type error
* Fix ambiguous variable name (Closes: #963314)
* Run GitHub Action's autopkgtest on Groovy
-- Balint Reczey <rbal...@ubuntu.com> Tue, 21 Jul 2020 15:42:17 +0200
** Changed in: unattended-upgrades (Ubuntu)
Status: In Progress => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to unattended-upgrades in
Ubuntu.
https://bugs.launchpad.net/bugs/1883082
Title:
Crash when using Package-Whitelist-Strict
Status in unattended-upgrades package in Ubuntu:
Fix Released
Status in unattended-upgrades source package in Focal:
New
Bug description:
[Impact]
* Unattended-upgrades crashes when strict whitelist is enabled and
there is an update available.
[Test Case]
Set up a system with at least one updated package available:
$ lxc launch ubuntu:focal ff-uu-strict
Creating ff-uu-strict
Starting ff-uu-strict
$ lxc shell ff-uu-strict
root@ff-uu-strict:~# apt update
...
root@ff-uu-strict:~# apt list --upgradable
Listing... Done
open-vm-tools/focal-updates 2:11.1.0-2~ubuntu20.04.1 amd64 [upgradable
from: 2:11.0.5-4]
N: There is 1 additional version. Please use the '-a' switch to see it
Set up strict whitelist not covering the package:
root@ff-uu-strict:~# echo 'Unattended-Upgrade::Package-Whitelist-Strict
"true";' > /etc/apt/apt.conf.d/51unattended-upgrades-whitelist
root@ff-uu-strict:~# echo 'Unattended-Upgrade::Package-Whitelist {"foo";}'
>> /etc/apt/apt.conf.d/51unattended-upgrades-whitelist
Run unattended-upgrades:
root@ff-uu-strict:~# unattended-upgrade
The fixed version does not crash here, the not fixed one does.
[Regression Potential]
Minimal. The fix adds only one extra check to not crash dereferencing
None.
[Original Bug Text]
Hi,
I'm trying to use unattended-upgrades only with a few packages from a
list; to do that I tried this simple /etc/apt/apt.conf.d/51local-ua
file:
root@focal-ua:~# cat /etc/apt/apt.conf.d/51local-ua
Unattended-Upgrade::Package-Whitelist-Strict "true";
Unattended-Upgrade::Package-Whitelist {
"firefox";
"bash";
"openssh-server";
}
When running unattended-upgrades in dry run mode I get this crash:
root@focal-ua:~# unattended-upgrade --debug --dry-run
Running on the development release
Starting unattended upgrades script
Allowed origins are: o=Ubuntu,a=focal, o=Ubuntu,a=focal-security,
o=UbuntuESMApps,a=focal-apps-security, o=UbuntuESM,a=focal-infra-security,
o=UbuntuESM,a=focal-security
Initial blacklist:
Initial whitelist (strict): firefox bash openssh-server
Marking not allowed <apt_pkg.PackageFile object:
filename:'/var/lib/apt/lists/archive.ubuntu.com_ubuntu_dists_focal-backports_universe_i18n_Translation-en'
a=focal-backports,c=universe,v=20.04,o=Ubuntu,l=Ubuntu arch=''
site='archive.ubuntu.com' IndexType='Debian Translation Index' Size=2895 ID:17>
with -32768 pin
Marking not allowed <apt_pkg.PackageFile object:
filename:'/var/lib/apt/lists/archive.ubuntu.com_ubuntu_dists_focal-backports_universe_binary-amd64_Packages'
a=focal-backports,c=universe,v=20.04,o=Ubuntu,l=Ubuntu arch='amd64'
site='archive.ubuntu.com' IndexType='Debian Package Index' Size=11575 ID:16>
with -32768 pin
Marking not allowed <apt_pkg.PackageFile object:
filename:'/var/lib/apt/lists/archive.ubuntu.com_ubuntu_dists_focal-updates_multiverse_i18n_Translation-en'
a=focal-updates,c=multiverse,v=20.04,o=Ubuntu,l=Ubuntu arch=''
site='archive.ubuntu.com' IndexType='Debian Translation Index' Size=783 ID:15>
with -32768 pin
Marking not allowed <apt_pkg.PackageFile object:
filename:'/var/lib/apt/lists/archive.ubuntu.com_ubuntu_dists_focal-updates_multiverse_binary-amd64_Packages'
a=focal-updates,c=multiverse,v=20.04,o=Ubuntu,l=Ubuntu arch='amd64'
site='archive.ubuntu.com' IndexType='Debian Package Index' Size=2025 ID:14>
with -32768 pin
Marking not allowed <apt_pkg.PackageFile object:
filename:'/var/lib/apt/lists/archive.ubuntu.com_ubuntu_dists_focal-updates_universe_i18n_Translation-en'
a=focal-updates,c=universe,v=20.04,o=Ubuntu,l=Ubuntu arch=''
site='archive.ubuntu.com' IndexType='Debian Translation Index' Size=297335
ID:13> with -32768 pin
Marking not allowed <apt_pkg.PackageFile object:
filename:'/var/lib/apt/lists/archive.ubuntu.com_ubuntu_dists_focal-updates_universe_binary-amd64_Packages'
a=focal-updates,c=universe,v=20.04,o=Ubuntu,l=Ubuntu arch='amd64'
site='archive.ubuntu.com' IndexType='Debian Package Index' Size=658122 ID:12>
with -32768 pin
Marking not allowed <apt_pkg.PackageFile object:
filename:'/var/lib/apt/lists/archive.ubuntu.com_ubuntu_dists_focal-updates_restricted_i18n_Translation-en'
a=focal-updates,c=restricted,v=20.04,o=Ubuntu,l=Ubuntu arch=''
site='archive.ubuntu.com' IndexType='Debian Translation Index' Size=34222
ID:11> with -32768 pin
Marking not allowed <apt_pkg.PackageFile object:
filename:'/var/lib/apt/lists/archive.ubuntu.com_ubuntu_dists_focal-updates_restricted_binary-amd64_Packages'
a=focal-updates,c=restricted,v=20.04,o=Ubuntu,l=Ubuntu arch='amd64'
site='archive.ubuntu.com' IndexType='Debian Package Index' Size=76674 ID:10>
with -32768 pin
Marking not allowed <apt_pkg.PackageFile object:
filename:'/var/lib/apt/lists/archive.ubuntu.com_ubuntu_dists_focal-updates_main_i18n_Translation-en'
a=focal-updates,c=main,v=20.04,o=Ubuntu,l=Ubuntu arch=''
site='archive.ubuntu.com' IndexType='Debian Translation Index' Size=660043
ID:9> with -32768 pin
Marking not allowed <apt_pkg.PackageFile object:
filename:'/var/lib/apt/lists/archive.ubuntu.com_ubuntu_dists_focal-updates_main_binary-amd64_Packages'
a=focal-updates,c=main,v=20.04,o=Ubuntu,l=Ubuntu arch='amd64'
site='archive.ubuntu.com' IndexType='Debian Package Index' Size=1198660 ID:8>
with -32768 pin
An error occurred: '>' not supported between instances of 'apt_pkg.Version'
and 'int'
Traceback (most recent call last):
File "/usr/bin/unattended-upgrade", line 1983, in main
res = run(options, rootdir, mem_log, logfile_dpkg,
File "/usr/bin/unattended-upgrade", line 2124, in run
cache = UnattendedUpgradesCache(rootdir=rootdir)
File "/usr/bin/unattended-upgrade", line 171, in __init__
apt.Cache.__init__(self, rootdir=rootdir)
File "/usr/lib/python3/dist-packages/apt/cache.py", line 170, in __init__
self.open(progress)
File "/usr/bin/unattended-upgrade", line 330, in open
self.apply_pinning(self.pinning_from_config())
File "/usr/bin/unattended-upgrade", line 302, in pinning_from_config
and policy.get_candidate_ver(pkg) > -1: # type: ignore
TypeError: '>' not supported between instances of 'apt_pkg.Version' and 'int'
Extracting content from
/var/log/unattended-upgrades/unattended-upgrades-dpkg.log since 2020-06-11
09:38:25
Traceback (most recent call last):
File "/usr/bin/unattended-upgrade", line 2512, in <module>
sys.exit(main(options))
File "/usr/bin/unattended-upgrade", line 1983, in main
res = run(options, rootdir, mem_log, logfile_dpkg,
File "/usr/bin/unattended-upgrade", line 2124, in run
cache = UnattendedUpgradesCache(rootdir=rootdir)
File "/usr/bin/unattended-upgrade", line 171, in __init__
apt.Cache.__init__(self, rootdir=rootdir)
File "/usr/lib/python3/dist-packages/apt/cache.py", line 170, in __init__
self.open(progress)
File "/usr/bin/unattended-upgrade", line 330, in open
self.apply_pinning(self.pinning_from_config())
File "/usr/bin/unattended-upgrade", line 302, in pinning_from_config
and policy.get_candidate_ver(pkg) > -1: # type: ignore
TypeError: '>' not supported between instances of 'apt_pkg.Version' and 'int'
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/unattended-upgrades/+bug/1883082/+subscriptions
--
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help : https://help.launchpad.net/ListHelp
