[Bug 1307190] Re: postinst script does not restart services

[Adrien Nader]

*** This bug is a duplicate of bug 1971650 ***
    https://bugs.launchpad.net/bugs/1971650

This is not strictly a duplicate of
https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1971650 since
this one is now about switching to needrestart, but I believe it
subsumes the current bug enough to mark it as duplicate of the newer
one.

** This bug has been marked a duplicate of bug 1971650
   wrong check for "server" in libssl3.postinst

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to openssl in Ubuntu.
https://bugs.launchpad.net/bugs/1307190

Title:
  postinst script does not restart services

Status in openssl package in Ubuntu:
  Triaged

Bug description:
  I have updated openssl to 1.0.1e-3ubuntu1.2 (Ubuntu 13.10 here). This
  update did not automatically restart services that were using the
  previously installed version (apache2 in my case), because the
  postinst script at /var/lib/dpkg/info/openssl.postinst does not do
  that. In effect, these services were still affected by the security
  vulnerabilities fixed in the update (among them in the latest update
  the fix for CVE-2014-0160 "Heartbleed"). The services had to be
  restarted manually, which in the case of a web server that gets its
  updates automatically via unattended-upgrades can mean a potentially
  dangerous delay.

  Expected behavior is instead that the openssl postinst script restarts
  all services that use the previous version. This is how it was handled
  in openssl 0.9.8b-3 for example (as documented in issue #69239 , see
  https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/69239 ).

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1307190/+subscriptions