[Bug 1847496] Re: [trusty] policy not always initialized when building depcache

[Julian Andres Klode]

It passed!

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to apt in Ubuntu.
https://bugs.launchpad.net/bugs/1847496

Title:
  [trusty] policy not always initialized when building depcache

Status in apt package in Ubuntu:
  Invalid
Status in apt source package in Trusty:
  Fix Committed

Bug description:
  [Impact]
  apt in trusty does not always initialize the policy before constructing the depcache. This means that if you access the depcache, it does not respect pinning when calculating upgrades.

  This is not a general problem - according to current knowledge, it
  only affects apt list. It does affect any code that requests a
  depCache from pkgCacheFile without having explicitly build caches, or
  explicitly initialized policy (which other parts of apt do).

  
  [Test case]

  1. Add deb https://esm.ubuntu.com/ubuntu/ trusty-infra-security main to sources.list
  2. Pin it down

  Package: *
  Pin: release trusty-infra-security
  Pin-Priority: -1

  3. Look at apt list apport

  Currently it shows:

  apport/trusty-updates,trusty-security,now 2.14.1-0ubuntu3.29 all
  [installed,upgradable to: 2.14.1-0ubuntu3.29]

  because when calculating whether the package is upgradable, it did not
  see the pinning.

  Correct would be:

  apport/trusty-updates,trusty-security,now 2.14.1-0ubuntu3.29 all
  [installed]

  [Regression potential]
  Behavior of code that only initializes depcache, but not policy will change. For example, pinning will be applied in such code (as it is in later versions, and should be). This adds some more error cases as well, such as parsing failures for preferences files.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1847496/+subscriptions