[Bug 1307190] Re: postinst script does not restart services
Marc Deslauriers
marc.deslauriers at canonical.com
Fri May 2 17:07:52 UTC 2014
** Changed in: openssl (Ubuntu)
Status: New => Triaged
** Changed in: openssl (Ubuntu)
Importance: Undecided => Wishlist
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to openssl in Ubuntu.
https://bugs.launchpad.net/bugs/1307190
Title:
postinst script does not restart services
Status in “openssl” package in Ubuntu:
Triaged
Bug description:
I have updated openssl to 1.0.1e-3ubuntu1.2 (Ubuntu 13.10 here). This
update did not automatically restart services that were using the
previously installed version (apache2 in my case), because the
postinst script at /var/lib/dpkg/info/openssl.postinst does not do
that. In effect, these services were still affected by the security
vulnerabilities fixed in the update (among them in the latest update
the fix for CVE-2014-0160 "Heartbleed"). The services had to be
restarted manually, which in the case of a web server that gets its
updates automatically via unattended-upgrades can mean a potentially
dangerous delay.
Expected behavior is instead that the openssl postinst script restarts
all services that use the previous version. This is how it was handled
in openssl 0.9.8b-3 for example (as documented in issue #69239 , see
https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/69239 ).
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1307190/+subscriptions
More information about the foundations-bugs
mailing list