On Wed, Apr 27, 2022 at 06:25:04AM -0000, Eduardo Barretto wrote:
> we should not support the format 'release/esm-{infra/apps}', please follow the new CVE file format which is:
> PRODUCT/RELEASE
>
> so it should be:
> esm/precise [1]
> esm/trusty [1]
> esm-infra/xenial
> esm-apps/xenial
> esm-apps/bionic
> esm-apps/focal
> esm-apps/jammy
Cool, I missed when this was communicated. With the change that
Rodrigo is proposing, `esm/trusty` has to be the format used in
~/.ubuntu-security-tools.conf in order for a sources.list to be
generated that references the trusty ppa for ESM, having `trusty/esm`
results in it being skipped.
> [1] Please note that precise and trusty we do have alias setup to
> accept trusty/esm and precise/esm and this was a decision so we don't
> have to touch all our CVEs and infrastructure as their ESM came before
> the new CVE file format.
The esm/trusty alias does not work correctly for umt download:
$ umt search tzdata | grep trusty
trusty/esm: 2022a-0ubuntu0.14.04+esm1, Pocket: release, Component: main
trusty: 2019a-0ubuntu0.14.04, Pocket: updates, Component: main
$ umt download tzdata -r esm/trusty
Skipping release 'esm/trusty': package not found.
$ umt download tzdata -r trusty/esm
Downloading 'tzdata' version '2022a-0ubuntu0.14.04+esm1' for release 'trusty/esm'.
(This happens regardless of whether ~/.ubuntu-security-tools.conf
contains esm/trusty or trusty/esm in `release_list`.)
On Wed, Apr 27, 2022 at 06:25:04AM -0000, Eduardo Barretto wrote: esm-{infra/ apps}', please follow the new CVE file format which is:
> we should not support the format 'release/
> PRODUCT/RELEASE
>
> so it should be:
> esm/precise [1]
> esm/trusty [1]
> esm-infra/xenial
> esm-apps/xenial
> esm-apps/bionic
> esm-apps/focal
> esm-apps/jammy
Cool, I missed when this was communicated. With the change that security- tools.conf in order for a sources.list to be
Rodrigo is proposing, `esm/trusty` has to be the format used in
~/.ubuntu-
generated that references the trusty ppa for ESM, having `trusty/esm`
results in it being skipped.
> [1] Please note that precise and trusty we do have alias setup to
> accept trusty/esm and precise/esm and this was a decision so we don't
> have to touch all our CVEs and infrastructure as their ESM came before
> the new CVE file format.
The esm/trusty alias does not work correctly for umt download:
$ umt search tzdata | grep trusty 14.04+esm1, Pocket: release, Component: main 14.04, Pocket: updates, Component: main 0ubuntu0. 14.04+esm1' for release 'trusty/esm'.
trusty/esm: 2022a-0ubuntu0.
trusty: 2019a-0ubuntu0.
$ umt download tzdata -r esm/trusty
Skipping release 'esm/trusty': package not found.
$ umt download tzdata -r trusty/esm
Downloading 'tzdata' version '2022a-
(This happens regardless of whether ~/.ubuntu- security- tools.conf
contains esm/trusty or trusty/esm in `release_list`.)
--
Steve Beattie
<email address hidden>