← Back to team overview

group.of.nepali.translators team mailing list archive

[Bug 1817949] Re: [SRU] 2.37.4

 

This bug was fixed in the package snapd - 2.37.4~14.04.1

---------------
snapd (2.37.4~14.04.1) trusty-security; urgency=medium

  * No change rebuild for trusty-security (LP: #1812973)
    - CVE-2019-7303

 -- Jamie Strandboge <jamie@xxxxxxxxxx>  Fri, 15 Mar 2019 20:00:21 +0000

** Changed in: snapd (Ubuntu Trusty)
       Status: Fix Committed => Fix Released

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2019-7303

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1817949

Title:
  [SRU] 2.37.4

Status in snapd package in Ubuntu:
  Fix Released
Status in snapd source package in Trusty:
  Fix Released
Status in snapd source package in Xenial:
  Fix Released
Status in snapd source package in Bionic:
  Fix Released
Status in snapd source package in Cosmic:
  Fix Released

Bug description:
  This is a new bugfix release of snapd - it fixes some corner case
  regressions we found in the 2.37 release series.

  The changelog is available here
  https://github.com/snapcore/snapd/blob/2.37.4/packaging/ubuntu-16.04/changelog,
  the raw git changelog is available here:
  https://github.com/snapcore/snapd/commits/2.37.4 (note that the debian
  changelog is auto-generated from the merges of the git commits so
  there is usually no need to look at the raw git commits).

  The travis logs for 2.37.4 can be found here: https://travis-
  ci.org/snapcore/snapd/branches

  We currently have no autopkgtest logs before snapd hits -proposed
  because we got asked to disable our autopkgtest integration as it was
  using too many resources from the autopkgtest infrastructure.

  The snappy team released a new release that we want SRU into xenial.
  The new process described in https://wiki.ubuntu.com/SnapdUpdates was
  used and we have done integration-tests on the snappy images,
  autopkgtests on classic and unit tests.

  = PACKAGING CHANGES =

  1. debian/rules: Fix the apparmor loading order, this change  ensures that the new apparmor profiles are loaded *before* snapd is restarted. The old behaviour was buggy and when jumping from a very old version of snapd the old behaviour would cause snap services to fail to start.
  2. debian/rules: Disable /usr/lib/systemd/system-environment-generators/snapd-env-generator on 18.04 because the systemd environment generator is not working correctly in 18.04 (this triggered LP: #1811233). 
  3. debian/postinst: Remove leftover /etc/apparmor.d/usr.lib.snapd.snap-confine - without this change apparmor loads the wrong profile for snap-confine which will lead to service restart failures and failure to run snaps on upgrades from older versions of snapd

  
  = TEST CASE =
  1. This is tested in tests/main/upgrade-from-2.15 - without this change the go-example-webserver will fail to (re)start when snapd is upgraded.
  2. This is tested in tests/main/snap-system-env which will ensure that PATH still has .*/local/.*
  3. This is tested in tests/main/upgrade-from-2.15 - without that the snap apptest-snapd-tools.echo would not work after the upgrade of snapd.

  = REGRESSION POTENTIAL =
  1. low regression potential, the order of the snippets is changed only, no new code or removed code in postinst
  2. low regression risk, worst case is that the chmod does not work and we break PATH again - we have an automated test for this
  3. low regression potential: removing the snap-confine file has the risk that someone who downgrades the deb from 2.37 to 2.15 has a missing conffile now and snap-confine does not run properly anymore.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/snapd/+bug/1817949/+subscriptions