A new release of the Ubuntu Cloud Images for stable Ubuntu release 20.10 (Groovy Gorilla) is available at [1]. These new images superseded the existing images [2]. Images are available for download or immediate use on EC2 via publish AMI ids. Users who wish to update their existing installations can do so with: 'sudo apt-get update && sudo apt-get dist-upgrade && sudo reboot'. The following packages have been updated. Please see the full changelogs for a complete listing of changes: * gcc-10: 10.2.0-13ubuntu1 => 10.3.0-1ubuntu1~20.10 * libxml2: 2.9.10+dfsg-5build1 => 2.9.10+dfsg-5ubuntu0.20.10.2 * linux-meta: 5.8.0.55.60 => 5.8.0.59.64 * linux-signed: 5.8.0-55.62 => 5.8.0-59.66 * nettle: 3.6-2ubuntu0.1 => 3.6-2ubuntu0.2 * procps: 2:3.3.16-5ubuntu2.1 => 2:3.3.16-5ubuntu2.2 * systemd: 246.6-1ubuntu1.3 => 246.6-1ubuntu1.4 * ubuntu-advantage-tools: 27.0.2~20.10.1 => 27.1~20.10.1 The following is a complete changelog for this image. new: {'linux-headers-5.8.0-59-generic': '5.8.0-59.66', 'linux-headers-5.8.0-59': '5.8.0-59.66', 'linux-modules-5.8.0-59-generic': '5.8.0-59.66'} removed: {'linux-modules-5.8.0-55-generic': '5.8.0-55.62', 'linux-headers-5.8.0-55': '5.8.0-55.62', 'linux-headers-5.8.0-55-generic': '5.8.0-55.62'} changed: ['gcc-10-base:amd64', 'libgcc-s1:amd64', 'libhogweed6:amd64', 'libnettle8:amd64', 'libnss-systemd:amd64', 'libpam-systemd:amd64', 'libprocps8:amd64', 'libstdc++6:amd64', 'libsystemd0:amd64', 'libudev1:amd64', 'libxml2:amd64', 'linux-headers-generic', 'linux-headers-virtual', 'linux-image-5.8.0-59-generic', 'linux-image-virtual', 'linux-virtual', 'procps', 'systemd', 'systemd-sysv', 'systemd-timesyncd', 'ubuntu-advantage-tools', 'udev'] new snaps: {'core20': ['stable', '1026']} removed snaps: {'core18': ['stable', '2066']} changed snaps: ['lxd', 'snapd'] ==== gcc-10: 10.2.0-13ubuntu1 => 10.3.0-1ubuntu1~20.10 ==== ==== gcc-10-base:amd64 libgcc-s1:amd64 libstdc++6:amd64 * SRU: LP: #1930125: Update to the GCC 10.3.0 release. * Merge with Debian; remaining changes: - Build from upstream sources. * GCC 10.3.0 release. * Refresh patches. * Fix PR target/99773 (ARM), taken from the trunk. * Merge with Debian; remaining changes: - Build from upstream sources. * GCC 10.3.0 release candidate. * Update to git 20210401 from the gcc-10 branch. - Fix PR target/99563 (x86), PR target/99542 (AArch64), PR ipa/99517, PR middle-end/93235, PR target/99085, PR tree-optimization/99225, PR tree-optimization/99204, PR ipa/99034, PR tree-optimization/99079, PR c++/99035, PR middle-end/99007, PR middle-end/97487, PR middle-end/97971, PR tree-optimization/98287, PR middle-end/99641, PR ipa/98078, PR c/99224, PR tree-optimization/99253, PR fortran/97927, PR rtl-optimization/98791, PR c/99324, PR c/99136, PR c++/99613, PR c++/99507, PR c++/88146, PR c++/99362, PR c++/82959, PR c++/95451, PR sanitizer/99106, PR c++/97742, PR c++/99033, PR c++/98988, PR c++/99031, PR c++/97878, PR fortran/99205, PR fortran/99545, PR libstdc++/99181, PR ipa/99466, PR tree-optimization/96974, PR target/97329 (PPC), PR target/99540 (AArch64), PR target/99704 (x86), PR tree-optimization/98834, PR lto/96591, PR tree-optimization/99694, PR target/99702 (RISCV), PR target/44107, PR target/48097, PR objc++/49070, PR c++/99047, PR c++/98704, PR c++/98480, PR c++/96749, PR c++/98118, PR c++/95616, PR c++/95615, PR c++/97587, PR c++/95822, PR c++/96251, PR fortran/93660, PR fortran/99369, PR fortran/99688, PR tree-optimization/99777, PR debug/99334, PR debug/99388, PR tree-optimization/99824, PR target/97252 (ARM), PR c++/99062, PR ipa/98265, PR rtl-optimization/96264, PR tree-optimization/97849, PR target/99813 (AArch64), PR target/99753 (x86), PR target/95842 (x86), PR target/99037 (AArch64), PR c++/98990, PR c++/95468, PR c++/98611, PR c++/96531, PR c++/97103. - Replace @tie{} string with a space in the man pages. LP: #1405685. * Update to git 20210320 from the gcc-10 branch. - Fix PR target/99563 (x86), PR target/99542 (AArch64), PR ipa/99517, PR middle-end/93235, PR target/99085, PR tree-optimization/99225, PR tree-optimization/99204, PR ipa/99034, PR tree-optimization/99079, PR c++/99035, PR middle-end/99007, PR middle-end/97487, PR middle-end/97971, PR tree-optimization/98287, PR middle-end/99641, PR ipa/98078, PR c/99224, PR tree-optimization/99253, PR fortran/97927, PR rtl-optimization/98791, PR c/99324, PR c/99136, PR c++/99613, PR c++/99507, PR c++/88146, PR c++/99362, PR c++/82959, PR c++/95451, PR sanitizer/99106, PR c++/97742, PR c++/99033, PR c++/98988, PR c++/99031, PR c++/97878, PR fortran/99205, PR fortran/99545, PR libstdc++/99181. - Replace @tie{} string with a space in the man pages. LP: #1405685. * Merge with Debian; remaining changes: - Build from upstream sources. * Update to git 20210311 from the gcc-10 branch. - Fix PR go/99458, PR target/99381 (AArch64), PR target/98959 (PPC), PR target/99279 (PPC), PR target/99041 (PPC), PR c++/90448, PR bootstrap/94918, PR c/99137, PR libfortran/99218. * Fix --as-needed specs for -fsanitize=* options for backports. LP: #1896458. * Export DEB_CHECK_ALI_UPDATE=1. This should be checked after the gnat transition has been prepared in experimental, and just before doing the gnat's defaults change in unstable. * debian/ada/check_ali_update.sh: Fix syntax errors. Always run the script. * Revert the PR ada/99264 fix, causing an ABI breakage in libgnat. * Merge with Debian; remaining changes: - Build from upstream sources. - Still build the sanitizer packages from the GCC 10 source. * Update to git 20210306 from the gcc-10 branch. - Fix PR target/85074 (PA), PR fortran/99124, PR fortran/99171, PR fortran/99027, PR target/99157 (ARM), PR target/99271 (ARM), PR target/99234 (x86), PR c++/90333, PR c++/97246, PR c++/94546, PR c++/96078, PR target/99234 (x86), PR tree-optimization/98758, PR tree-optimization/98640, PR tree-optimization/98526, PR tree-optimization/97897, PR debug/98656, PR ipa/98338, PR target/99271 (ARM), PR target/99234 (x86), PR ada/99264, PR ada/99095, PR c++/96199, PR c++/95675, PR c++/98810, PR c++/90333, PR c++/97246, PR c++/94546, PR d/99337. - RISC-V: Implement __builtin_thread_pointer. * Merge with Debian; remaining changes: - Build from upstream sources. - Still build the sanitizer packages from the GCC 10 source. * Update to git 20210220 from the gcc-10 branch. - Fix PR rtl-optimization/96015, PR debug/96997, PR c++/94034, PR c++/96905, PR c++/98326, PR c++/20408, PR c++/95888, PR fortran/99111, PR fortran/99043, PR fortran/98897, PR fortran/99060, PR libfortran/95647, PR libstdc++/99021. * Still build the lib*gccN compat packages for sid/bullseye. Note, this doesn't change anything for the upload to experimental. Closes: #972936. * Merge with Debian; remaining changes: - Build from upstream sources. - Still build the sanitizer packages from the GCC 10 source. * Update to git 20210206 from the gcc-10 branch. - Fix PR d/98921, PR target/97701, PR rtl-optimization/98863, PR rtl-optimization/98863, PR rtl-optimization/98144, PR rtl-optimization/98863, PR target/96307, PR c++/98717, PR c++/98802, PR c++/98295, PR c++/98355, PR c++/96282, PR preprocessor/95253. * Build libgomp-plugin-hsa1 unconditionally. Removed in GCC 11. * Merge with Debian; remaining changes: - Build from upstream sources. * Still build the sanitizer packages from the GCC 10 source. * Still build libgomp-plugin-hsa1. * Stop building libasan, no soname bump in GCC 11. * Fix packaging logic to build libgphobos. * Update to git 20210130 from the gcc-10 branch. - Fix PR ipa/98690, PR tree-optimization/98513, PR tree-optimization/98282, PR tree-optimization/94994, PR tree-optimization/95401, PR rtl-optimization/97144, PR rtl-optimization/98214, PR tree-optimization/98302, PR tree-optimization/98371, PR target/89057 (AArch64), PR tree-optimization/98221, PR tree-optimization/98117, PR tree-optimization/97623, PR tree-optimization/97623, PR ada/98740, PR libgomp/65099, PR libstdc++/98605, PR libstdc++/96083, PR libstdc++/65480, PR libstdc++/68735, PR tree-optimization/98535, PR c++/98790 (closes: #980429, #980596), PR d/98806 (closes: #980204), PR fortran/98022, PR fortran/98517, PR fortran/93833, PR lto/85574, PR debug/98331, PR target/98853 (AArch64), PR target/98681 (AArch64), PR testsuite/98771, PR testsuite/97301, PR tree-optimization/90248, PR tree-optimization/98255, PR tree-optimization/97627, PR tree-optimization/98766, PR gcov-profile/98739, PR ada/98228, PR c++/33661, PR c++/98847, PR sanitizer/95693, PR c++/98672, PR c++/98463, PR c++/97474, PR c++/98642, PR c++/63707, PR fortran/86470. * Fix parallel linking of cc1gm2. * PR sanitizer/98699: Don't enable --as-needed with -fsanitize=* options. Closes: #980110. * Use --push-state/--pop-state for gold everywhere. * Backport prerequisite patch for PR target/97250 (i386: Define __LAHF_SAHF__ and __MOVBE__ macros, based on ISA flags). * Make -march=x86-64-v[234] behave more like other -march= options, taken from the trunk. * Use the same breaks relations for libgcc-s2 and libgcc-s4 as for libgcc-s1. Closes: #980770. * Fix up plugin header install, taken from the trunk. Closes: #980609. * Still build libasan, libgm2 and libgphobos, when building common libraries from GCC 11. * Stop building packages built from GCC 11. * Update to git 20210121 from the gcc-10 branch. - Fix PR ipa/98690, PR tree-optimization/98513, PR tree-optimization/98282, PR tree-optimization/94994, PR tree-optimization/95401, PR rtl-optimization/97144, PR rtl-optimization/98214, PR tree-optimization/98302, PR tree-optimization/98371, PR target/89057 (AArch64), PR tree-optimization/98221, PR tree-optimization/98117, PR tree-optimization/97623, PR tree-optimization/97623, PR ada/98740, PR libgomp/65099, PR libstdc++/98605, PR libstdc++/96083, PR libstdc++/65480, PR libstdc++/68735. * Fix parallel linking of cc1gm2. * PR sanitizer/98699: Don't enable --as-needed with -fsanitize=* options. Closes: #980110. * Use --push-state/--pop-state for gold everywhere. * Backport prerequiste patch for PR target/97250 (i386: Define __LAHF_SAHF__ and __MOVBE__ macros, based on ISA flags). * Merge with Debian; remaining changes: - Build from upstream sources. * Update to git 20210110 from the gcc-10 branch. - Fix PR c++/98556, PR c++/98551, PR c++/96197. * gcc-10-source: Depend on time. * Fix PR rtl-optimization/97714, taken from the trunk. Closes: #975153. * Build the gcn offload compiler based on amdgcn-tools (based on LLVM 9). * Update to git 20210108 from the gcc-10 branch. - Fix PR target/96793 (x86), PR rtl-optimization/97421, PR fortran/96100, PR fortran/96101, PR target/96320, PR target/97865, PR tree-optimization/98514, PR tree-optimization/98474, PR c++/98353, PR c++/98383, PR middle-end/98183, PR middle-end/98205, PR target/94440 (x86), PR target/98100, PR plugins/98059, PR target/98063 (x86), PR target/98522 (x86), PR target/98521 (x86), PR target/97865, PR c++/98187, PR c++/98122, PR c++/98072, PR c++/82099, PR c++/96675, PR c++/96742, PR c++/97975, PR c++/98043, PR c++/98103, PR c++/97427, PR c++/97438, PR fortran/92587, PR fortran/96325, PR fortran/83118, PR fortran/96012. * Fix hppa64 snapshot builds. * Force running tests on m68k and sh4 architectures. * Provide timing and resource information for all builds. * Backport PR target/97250: Add support for x86-64-v2, x86-64-v3, x86-64-v4 levels for x86-64. * Build the offload compilers using newlib 4.1.0. * Bump standards version. * Update to git 20201224 from the gcc-10 branch. - Fix PR target/96793 (x86), PR c++/98332, PR c++/90254, PR c++/93711. * Build the gcn offload compiler based on amdgcn-tools (based on LLVM 9). Not yet available, so use LLVM 9 directly. * Build the gcn offload compiler based on amdgcn-tools (using LLVM 9). * Merge with Debian; remaining changes: - Build from upstream sources. * Update to git 20201221 from the gcc-10 branch. - Fix PR rtl-optimization/97092, PR ada/98230, PR c++/64194, PR d/98277, PR fortran/98307. * For the gcn offload compiler, use a version fixing LLVM Bug 48201. * Don't install the lto-dump binary in the hppa64 package. Closes: #977461. * Refresh patches. * Strip compiler executables again. * Merge with Debian; remaining changes: - Build from upstream sources. * Update to git 20201207 from the gcc-10 branch. - Fix PR middle-end/94600, PR target/98086 (x86), PR middle-end/95694, PR fortran/95342. * Bump version to 10.2.1. * Build again using gnat-10 everywhere. * Update to git 20201203 from the gcc-10 branch. - Fix PR tree-optimization/97457, PR rtl-optimization/98037, PR c++/97904, PR middle-end/95694. * Relax the libc-dev dependencies for kfreebsd. * Explicitly build with gnat-10 on m68k. * Build using gnat-9 to bootstrap on kfreebsd. * Merge with Debian; remaining changes: - Build from upstream sources. * Re-enable running the testsuite again. * Update to git 20201202 from the gcc-10 branch. - Fix PR target/97528 (ARM), PR debug/97599, PR c/97958, PR fortran/85796, PR libstdc++/98001, PR libstdc++/97935, PR target/97939 (SPARC), PR target/96607 (SPARC), PR tree-optimization/97812, PR middle-end/95171, PR tree-optimization/97760, PR tree-optimization/97539, PR middle-end/97554, PR libstdc++/95322, PR tree-optimization/96698, PR tree-optimization/96920. * Don't strip the sanitizer libraries, these are only used for debugging. LP: #1894166. * Don't run the libgphobos-link test on powerpc architectures. * Install libstdc++6 gdb pretty printer files in /usr/share/gcc (unversioned). * Don't mark the libgcc-sN cross packages with XB-Important/Protected: yes. * Update to git 20201129 from the gcc-10 branch. - Fix PR target/97528 (ARM), PR debug/97599, PR c/97958, PR fortran/85796, PR libstdc++/98001, PR libstdc++/97935, PR target/97939 (SPARC), PR target/96607 (SPARC). * Don't strip the sanitizer libraries, these are only used for debugging. LP: #1894166. * Don't run the libgphobos-link test on powerpc architectures. * Install libstdc++6 gdb pretty printer files in /usr/share/gcc (unversioned). * Re-enable the lto build on arm64. * Disable the lto build on arm64 for now, builds still not succeeding on the buildds. * Merge with Debian; remaining changes: - Build from upstream sources. * Don't run the testsuite on armhf and arm64, better chances for a succeeding build on the buildds. * Update to git 20201125 from the gcc-10 branch. - Fix PR target/97730 (AArch64), PR target/97887 (x86), PR d/97889, PR d/97843, PR d/97842, PR libstdc++/92546, PR libstdc++/97876, PR libstdc++/95989, PR libstdc++/97869, PR c++/97918, PR debug/97060, PR target/97534 (ARM), PR c++/96805, PR c++/96199. * Configure again with --enable-checking=release. * Enable again pgo and lto builds for 64bit architectures. * Merge with Debian; remaining changes: - Build from upstream sources. * Update to git 20201118 from the gcc-10 branch. - Fix PR target/97535 (AArch64), PR target/97682 (RISCV), PR c/97748, PR c++/97790, PR c/97748, PR c++/67453, PR c++/97663, PR fortran/97782, PR fortran/95847, PR fortran/97768, PR libstdc++/97828, PR libstdc++/93456, PR libstdc++/97798, PR libstdc++/96042, PR libstdc++/96042, PR libstdc++/96042. * Update VCS attributes. * Add an autopkg test for linking libphobos. * Build the gcn offload compiler using LLVM 11, and work around the broken as in LLVM 11. See also LLVM Bug 48201 for this issue and https://reviews.llvm.org/D73999 for the patch causing the issue. * Fix PR target/97528, proposed patch. Closes: #972665. * Merge with Debian; remaining changes: - Build from upstream sources. * Update to git 20201111 from the gcc-10 branch. - Fix PR tree-optimization/97764, PR target/97685 (x86), PR target/97360 (PPC), PR lto/97508, PR c++/97412, PR fortran/97652, PR fortran/92793, PR fortran/92793, PR target/85486, PR libstdc++/96269, PR libstdc++/97731, PR libstdc++/97362, PR libstdc++/92285. * Merge with Debian; remaining changes: - Build from upstream sources. * Update to git 20201029 from the gcc-10 branch. - Fix PR rtl-optimization/97439, PR target/96759 (RISCV), PR target/97506 (x86), PR target/97327 (ARM), PR target/96914 (ARM), PR target/96914 (ARM), PR target/96914 (ARM), PR rtl-optimization/97386, PR sanitizer/97294, PR target/97291 (ARM), PR ipa/96394, PR ipa/97404, PR ipa/97295, PR target/97251 (ARM), PR target/97349 (AArch64), PR tree-optimization/97357, PR tree-optimization/97255, PR c++/97197, PR c++/97328, PR c++/97010, PR c++/97197, PR c++/96229, PR fortran/95979, PR libstdc++/95322, PR libstdc++/97132, PR libstdc++/95788, PR tree-optimization/97081, PR tree-optimization/97456, PR c++/95132, PR c++/96241. * Also enable the extra checking on amd64, arm64, ppc64el, s390x, and don't strip the executables. This will be reverted within a few weeks, please don't send bug reports about that. * Mark libgcc-sN with XB-Important/Protected: yes. Addresses: #972936. * Update to git 20201023 from the gcc-10 branch. - Fix PR rtl-optimization/97439, PR target/96759 (RISCV), PR target/97506 (x86), PR target/97327 (ARM), PR target/96914 (ARM), PR target/96914 (ARM), PR target/96914 (ARM), PR rtl-optimization/97386, PR sanitizer/97294, PR target/97291 (ARM), PR ipa/96394, PR ipa/97404, PR ipa/97295, PR target/97251 (ARM), PR target/97349 (AArch64), PR tree-optimization/97357, PR tree-optimization/97255, PR c++/97197, PR c++/97328, PR c++/97010, PR c++/97197, PR c++/96229, PR fortran/95979, PR libstdc++/95322, PR libstdc++/97132, PR libstdc++/95788. * On every arch except i386, configure with --enable-checking=yes,extra,rtl, and don't strip the executables for now. * Update to git 20201011 from the gcc-10 branch. - Fix PR target/97302, PR rtl-optimization/97313, PR middle-end/95189, PR middle-end/95886, PR target/97150 (AArch64), PR target/96313 (AArch64), PR tree-optimization/97236, PR target/96456 (S390), PR gcov-profile/97193, PR c++/88115, PR libstdc++/97273, PR c++/96994, PR c++/97195, PR c++/97145, PR fortran/97272, PR bootstrap/97163, PR gcov-profile/96913. * On armel, armhf, configure with --enable-checking=yes,extra,rtl, and don't strip the executables for now. * Update to git 20201002 from the gcc-10 branch. - Fix PR gcov-profile/64636, PR tree-optimization/96979, PR gcov-profile/97069, PR target/96795 (ARM), PR target/96827 (ARM), PR bootstrap/97183, PR target/97184 (x86). * Fix PR tree-optimization/97236, taken from the trunk. Stop reverting the fixes for PR tree-optimization/97043, PR tree-optimization/96522. Closes: #971027. * Enable gnat on m68k again (Adrian Glaubitz). Closes: #971551. ==== libxml2: 2.9.10+dfsg-5build1 => 2.9.10+dfsg-5ubuntu0.20.10.2 ==== ==== libxml2:amd64 * SECURITY UPDATE: out-of-bounds read - debian/patches/CVE-2020-24977.patch: Make sure that truncated UTF-8 sequences don't cause an out-of-bounds array access in xmllint. - CVE-2020-24977 * SECURITY UPDATE: use-after-free in xmlEncodeEntitiesInternal - debian/patches/CVE-2021-3516.patch: Call htmlCtxtUseOptions to make sure that names aren't stored in dictionaries. - CVE-2021-3516 * SECURITY UPDATE: heap-based buffer overflow in xmlEncodeEntitiesInternal - debian/patches/CVE-2021-3517.patch: Add some checks to validate input is UTF-8 format, supplementing CVE-2020-24977 fix. - CVE-2021-3517 * SECURITY UPDATE: use-after-free in xmlXIncludeDoProcess - debian/patches/CVE-2021-3518.patch: Move from a block list to an allow list approach to avoid descending into other node types that can't contain elements. - CVE-2021-3518 * SECURITY UPDATE: NULL pointer dereference in xmlValidBuildAContentModel - debian/patches/CVE-2021-3537.patch: Check return value of recursive calls to xmlParseElementChildrenContentDeclPriv and return immediately in case of errors. - CVE-2021-3537 * SECURITY UPDATE: Exponential entity expansion - debian/patches/Patch-for-security-issue-CVE-2021-3541.patch: Add check to xmlParserEntityCheck to prevent entity exponential. - CVE-2021-3541 ==== linux-meta: 5.8.0.55.60 => 5.8.0.59.64 ==== ==== linux-headers-generic linux-headers-virtual linux-image-virtual linux-virtual * Bump ABI 5.8.0-59 * Bump ABI 5.8.0-58 * Bump ABI 5.8.0-57 * Bump ABI 5.8.0-56 * Packaging resync (LP: #1786013) - [Packaging] resync debian/dkms-versions from main package ==== linux-signed: 5.8.0-55.62 => 5.8.0-59.66 ==== ==== linux-image-5.8.0-59-generic * Master version: 5.8.0-59.66 * Master version: 5.8.0-58.65 * Master version: 5.8.0-57.64 * Master version: 5.8.0-56.63 ==== nettle: 3.6-2ubuntu0.1 => 3.6-2ubuntu0.2 ==== ==== libhogweed6:amd64 libnettle8:amd64 * SECURITY UPDATE: crash in RSA decryption via manipulated ciphertext - debian/patches/CVE-2021-3580-1.patch: change _rsa_sec_compute_root_tr to take a fixed input size in rsa-decrypt-tr.c, rsa-internal.h, rsa-sec-decrypt.c, rsa-sign-tr.c, testsuite/rsa-encrypt-test.c. - debian/patches/CVE-2021-3580-2.patch: add input check to rsa_decrypt family of functions in rsa-decrypt-tr.c, rsa-decrypt.c, rsa-sec-decrypt.c, rsa.h, testsuite/rsa-encrypt-test.c. - CVE-2021-3580 ==== procps: 2:3.3.16-5ubuntu2.1 => 2:3.3.16-5ubuntu2.2 ==== ==== libprocps8:amd64 procps * d/p/ignore_eaccess.patch - Fix conflict with 7af88da3 and adjust logic (LP: #1903351) * d/p/ignore_erofs.patch - Fix conflict with 7af88da3 and adjust logic (LP: #1903351) ==== systemd: 246.6-1ubuntu1.3 => 246.6-1ubuntu1.4 ==== ==== libnss-systemd:amd64 libpam-systemd:amd64 libsystemd0:amd64 libudev1:amd64 systemd systemd-sysv systemd-timesyncd udev [ Andy Chi ] * debian/patches/lp1926547-hwdb-60-keyboard-Update-Dell-Privacy-Local-Mic-Mute-.patch - Apply upstream patch to correct key and device mapping. (LP: #1926547) https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=a4c14d1c8370445e315ffa59b0a7ce593a79fbf4 [ Dan Streetman ] * d/p/lp1921696/0001-rfkill-improve-error-logging.patch, d/p/lp1921696/0002-rfkill-use-short-writes-and-accept-long-reads.patch: Handle rfkill api change in kernel 5.10 (LP: #1921696) https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=b683c842c74b5f193555fd79bc76e574a025f5b1 * d/p/lp1929560-network-move-set-MAC-and-set-nomaster-operations-out.patch: Move link mac and master config out of link_up() (LP: #1929560) https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=a90963d52a70c0ed1b429b1025b95f8c0fa6e7aa * d/p/lp1902891-core-mount-mount-command-may-fail-after-adding-the-c.patch: Handle failed mount command (LP: #1902891) https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=d83f3bce38e04395c6406c3c45efbc9977ae1138 * d/p/debian/UBUNTU-resolved-Mitigate-DVE-2018-0001-by-retrying-NXDOMAIN-with.patch, d/p/lp1880258-log-nxdomain-as-debug.patch, d/p/lp1785383-resolved-address-DVE-2018-0001.patch: - Use upstream patch for DVE-2018-0001 handling (LP: #1785383) https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=eb311ad89c5fd570bf3af362d8a2af1b357be3dd [ ukasz 'sil2100' Zemczak ] * d/p/lp1664844/0001-network-add-ActivationPolicy-configuration-parameter.patch, d/p/lp1664844/0002-test-add-ActivationPolicy-unit-tests.patch, d/p/lp1664844/0003-save-link-activation-policy-to-state-file-and-displa.patch: - add support for configuring the activation policy for an interface (LP: #1664844) https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd/commit/?id=0b0a9202964b24fb8d9fb4b28bdb22c6aadd25b7 ==== ubuntu-advantage-tools: 27.0.2~20.10.1 => 27.1~20.10.1 ==== ==== ubuntu-advantage-tools * Backport new upstream release: (LP: #1929597) to groovy * d/control: - specify debianutils min version * d/changelog: - fix lintian typos amend and redact incorrect 27.0 entry (GH: #1624) * lintian: - override ubuntu-advantage-pro wanted-by-target cloud-init - override xenial specific errors - rename package-specific overrides for pro vs tools * New upstream release 27.1: - apt-hook: + avoid segfault when comparing null Apt file origin to esm (LP: #1929123) + avoid wrapping static message formats at 80 chars + update go build flags based on lintian warnings (GH: #1626) + only add newlines for MOTD if message file length is non-zero - attach: do not print contract name if empty - autocomplete: Do not show beta services in autocomplete (GH: #1594) - cis: + make service non-beta + post enable message pointing to docs + update cis help url - docs: update releases.md per SRU review feedback on branch structuring - enable: correct messaging for beta service (GH: #1588) - errors: print a more helpful message when ssl fails (GH: #1618) - fips: + Block enabling fips if fips-updates once enabled (GH: #1600) + Update output of fips commands (GH: #1631) - livepatch: alert when snapd does not have wait cmd (LP: #1927329) - logging: remove tracebacks for UserFacingErrors (GH: #1586) - messaging: + Infra and Apps messaging is mutually exclusive (GH: #1573) + point to u.com/16-04 instead of u.com/advantage on ESM (GH: #1584) + separate _remove_msg_template. emit no warranty on infra disabled - pro: obtain AWS IMDSv2 API token before trying to grab pkcs7 doc (GH: #1608) - status: do not show info if not on contract (GH: #1592) - tests: + drop trusty specific tests + fix mock for handle_message_operations + fix motd message for bionic (GH: #1615) + integration tests for hirsute and groovy + manual test for trusty upgrade to xenial + reboot after dist-upgrade for upgrade test + test enabling CIS on focal (GH: #1582) + update messages in integration tests (GH: #1635) + use proposed pocket on xenial upgrade test - jenkins: + add pytest runs for xenial and bionic + run focal lxd integration tests * d/control: - order build-depends alternatives newer first (LP: #1926949) - apt-hook: do not attempt to package go APT JSON hook on some architectures (GH: #1603) (LP: #1927886, LP: #1927795) * Bug-fix release 27.0.2: build failures on riscv64 and powerpc - apt-hook: refactor json hook messaging to be dry - tests: fix subp ls error case for powerpc builds - jenkinsfile: add --resolve-alternatives for trusty builds - amend changelog: add omitted apt-hook message for 27.0.1 stanza * Add .gitignore and cleanup ignored directory .pytest_cache * apt-hook: mitigate failures with true * New upstream release 27.0: - [redacted: actually landed in 27.0.1] apt-hook: mitigate failures with true - messages: add optional (s) to apt messaging to include singular/plural pkgs - apt-hook: avoid reporting and counting duplicate package names (GH: #1578) - fix: don't say reboot required when unnecessary (LP: #1926183) - test: uncomment additional xenial upgrade tests * New upstream beta3 release: - config: avoid tracebacks on invalid features value in uaclient.conf (GH: #1564) - apt-hook: new json hook for security update counts - Remove redundant messaging from uaclient * d/control: - add distro-info dependency - add new debianutils dependency - add optional dh-systemd | debhelper (>= 13.3) to fallback on hirsute and later when dh-systemd is not present * d/rules: enable and start ua-messaging.timer on package install * d/postinst: - configure esm on any LTS release avoid beta services - configure esm-infra when is_active_esm and apps on LTS - xenial enable unauthenticated apt source for apps/infra * New upstream release 27.0~beta: - apt-hook: + adapt hook to process separate message templates + esm-apps and esm-infra pkg counts not mutually-exclusive + print static messages on apt upgrade/dist-upgrade (GH: #1546) - config: create settings_overrides on config (GH: #1507) - docs: add entry for uploading new version to ppa - esm: + add pin never when disabling esm-infra/apps on xenial + enable infra when EOL LTS and apps on all LTS (GH: #1558) - fips: add notice when installing over old fips - fix: + add links to ubuntu.com/gcp/aws in messaging when on non-PRO + add notice to reboot operation on ua fix + do not prompt user for beta services (GH: #1544) + notify users if reboot is required (GH: #1476) + update how the expired token logic works + wrap output greater than 80 chars (GH: #1487) - lib: fix notice handling on reboot script - messages + provide static message files for use in APT and MOTD + update_ua_messages on attach/detach/disable - mypy: add lib/ dir for coverage - status: do not remove notices on non-root call (GH: #1518) - subp: separate % format strings when logging (GH: #1520) - systemd: add ua-messaging.timer to update ua MOTD and APT msgs - update-motd.d: add conditional hooks for motd to source ua messages - util: add is_lts and is_active_esm funtions to support ESM - test + add integration tests asserting esm-apps setup due to postinst + manual test script for xenial upgrade + trusty and xenial infra and apps disabled in pkg install - behave: use unaltered cloud images unsetting UACLIENT_BEHAVE_PPA - jenkins: make lint and style stage run sequentially * d/*: prefix all the debhelper conf files with the package name * d/control: - add Rules-Requires-Root: no - bump Standards-Version to 4.5.1 - make ubuntu-advantage-pro Architecture: all * d/lintian-overrides: - override maintainer-script-calls-service - package-supports-alternative-init-but-no-init.d-script * d/postinst: move the u-a-pro note to a config script * d/ubuntu-advantage-tools.templates: suggest the use of apt * New upstream release 27.0~beta: - apt: add retry for apt-helper command (GH: #1431) - cli: drop subcommand repeated help output, fix enable & refresh (GH: #1440) - config: + allow parsing yaml delivered from env values + environment variable support for feature overrides (GH: #1395) + create config to add extra params to security url - docs: + add ppas and fix typos + use Ubuntu Pro not Ubuntu PRO + add stop "." punctuation to messages (GH: #1320) - fips: fix FIPS message when disable operation fails - fix: + add basic UASecurityClient to which queries CVE and USNs + add security_url to config + check if service is enabled during ua fix (GH: #1462) + closer representation of cve and usn responses + filter usns by cve details (GH: #1470) + fix regex to be more permissive and strict + get_cve_affected_source_packages_status won't list not-affected (GH: #1467) + handle other package status when running ua fix (GH: #1435) + improve error message for ua fix (GH: #1420) + install pkg fixes when they are on standard pocket (GH: #1401) + move timeout and retries to security client only + only prompt for subscription attach for UA-related pkg updates + parse all related USNS to a given CVE when fixing + parse full API responses for related CVEs and USNs + prefer USN.release_packages binary pkg versions to CVE src ver (GH: #1436) + prompt for new ua token when expired one is used (GH: #1475) + prompt to emit pro suggestion on pro_clouds if unattached (GH: #1386) + prompt to enable service during ua fix (GH: #1455) + provide related CVE URLs instead of USNs (GH: #1456) + raise errors when source_link is null or unexpected format + show packages that were not fixed in the output + update output for released packages in ua fix (GH: #1438) + update message for invalid issue in ua fix (GH: #1433) + use pocket values from USNs (GH: #1439) - logs: emit error response on API errors and redact sensitive logs (GH: #1424) - serviceclient: add 10 second timeout and two retries to API calls (GH: #1374) - util: + add error prompts on invalid selection + add timeout to readurl - tests: + Add disable_auto_attach config to all test PRO vms + add merge_usn_released_binary_package_versions tests + add unittest coverage for override_usn_release_package_status + drop traceback checks on fips integration tests + refactor integration tests for ua fix cmd + run status wait before detach in PRO tests + use ssh to run commands on lxd containers - jenkins: archiveArtifacts can only reference paths within workspace * d/control: add new debianutils dependency * New upstream release 26.3 - util: improve is_container check for chroot - cli: pass assume_yes param to services on detach (GH: #1530) * Drop dh-systemd build dependency. * status: show beta services in status if enabled (GH: #1410) * New upstream release 26.1 - contract: block detach call to contract if machine-id change - docs: add readme docs about mastering clean golden images - fips: add reboot notices for fips operations (GH: #1368) - livepatch: add retry when running canonical-livepatch status (GH: #1360) - util: use lru_cache to avoid re-reading os-release and machine-id (GH: #1329) - tests: + add disable_auto_attach config to all test PRO vms + add more log artifacts during failed integration test + check cloudinit status after launching image + mock leaking livepatch.application_status for fips test + retry package installs on apt exit 100 - jenkins: parameterize build stages to avoid parallel job collision * auto-attach: fix comparing numeric iid * New upstream release 26.0: - auto-attach: systemd unit to run before ua-reboot-cmds.service - config: remove_notice should remove notices.json when empty - fips: + add notice if running a deactivated FIPS kernel (GH: #1348) + block enabling FIPS on clouds using Xenial + block enabling fips on GCP instances + check /proc/sys/crypto/fips_enable to see if fips is enabled + override fips metapackage when on bionic cloud + update metapackage override logic on fips - notices: clear lock file and notice when encountering any exception (GH: #1326) - reboot_cmds: retry on lock held errors due to pro auto-attach - services: allow uaclient to disable services during enable - status: include beta services in json formatted output with --all (GH: #1341) - tests: + add FIPS tests to AWS and Azure bionic images + add GCP pro test for focal machine + add after_step collection of artifacts on failure + remove proc file check after disabling fips + pro: block auto-attach with cloud-config bootcmd + add validation of systemd unit ua-reboot-cmds.service + test enabling fips-updates when fips is enabled - jenkins: - add deb build stage to assert package builds - use series-specific sbuild --build-dir avoid races - use --append-to-version for each sbuild run to avoid races - presume success when no integration artifacts created * d/rules: - add --with systemd to allow reboot init script - do not remove lib/systemd/system folder * d/postinst: - create marker file when reboot script need to run: - enable livepatch across trusty to xenial upgrade - update fips on existing fips pro machines * New upstream release 26.0~beta: - gcp: add Google Cloud Platform support (GH #1269) - fips: + remove is_beta from fips sevices + fips pro: add upgrade support to require reboot to unmark held fips pkgs + update origin UbuntuFIPSUpdates - status: + add notice to tabular output + held locks emit notice about Operation in progress - cli: help sort output so trusty ordering matches xenial++ - cis: rename service from cis-audit - config: provide config notices and add_notice and remove_notice methods - contract: add resource-machine-access route and datapath - init: add init script to run commands on reboot - keys: add ubuntu-advantage-cis keyring - livepatch: make livepatch react to enableByDefault delta - log: log when we install pkgs because of contract delta - make: drop six testdeps target - pro: do not install pro debs on non-pro instances - services: Update beta info for services (GH #1220) - tools: add tox-lxd-runner, that execute the test command in a shell - tools: refresh-keyrings handles cis keys. drop series-specific keys - tests: + add GCE support for integration tests + add cis integration tests for unattached and pro + add pytest constraint for mypy tests + add unittests for reboot_cmds script + fix esm package messages for new update notifier version + pin importlib-metadata for mypy tests + repo tests for request_resource_machine_access + unit tests for config cache clearing and machine-access data - jenkins: + add basic Jenkinsfile for CI runs per PR + add jenkins parseable test results + add lxc cleanup stage on Jenkinsfile * Release version 25.0 * New upstream release 25.0~beta3: - upgrade-lts-conract: noop during do-release-upgrade on unattached (GH: #1255) - ua-auto-attach: order systemd unit before cloud-config.service - Update FIPSUpdates pin origin - fips: unmark held fips packages for ubuntu pro fips image support (GH: #1109) - repo: handle changes to additionalPackages contract deltas - repo: move package installation to install_packages method - pro: trigger auto-attach as soon as instance-data.json is available (GH: #1234) - Conditionally install packages when enabling FIPS - fips: allow disable (GH: #1168) - cli: add trailing newline to argparse errors (GH: #1236) - Install fips metapacking when enabling service - integration test improvements: + upgrade-test: fix upgrade path restart failures on trusty (GH: #1257) + Fix integration test setup scripts (GH: #1253) + strict checking for command success on behave + Update tests to use new pycloudlib LXD abstraction + Add upgrade scenario tests when FIPS is enabled + Improve FIPS tests for checking packages + Update esm-infra xenial lxd test + Fix vm tests as esm-apps is beta service + Fix azure generic integration testing + Update esm-apps check on staging_commands tests + Install pycloudlib for azure jobs only + Fix shell condition in run_azure_travis_integration_tests.sh + Update azure jobs on travis + Update travis url in README + Update travis scripts to use ppa only on master + Fix cron event type check on travis yaml * New upstream release 25.0~beta2: - help: update esm-infra help text (GH: #1212) - apt-hook: update apt cli messaging for UA Infra: ESM and UA Apps: ESM product names - help: update fips help docs (GH: #1213) - help: revert CIS help doc URL (GH: #1211) - help: add new fips help URLs to CLI help docs (GH: #1210) - Show error when enabling service with invalid repo [Lucas Moura] (GH: #954) - Update beta info for services (#1220) [Lucas Moura] (GH: #1216) - Do not enable fips when fips-updates is active [Lucas Moura] (GH: #1209) - Add vm test commands in tox.ini (#1204) [Lucas Moura] * Beta bug fix release - status: fix missing description_override key after upgrade from trusty (GH: #1201) - During contract delta processing use _check_application_status_on_cache instead of live service status * d/control: - add po-debconf dependency and fix lintian not-using-po-debconf and untranslatable-debconf-templates - add ${misc:Depends} dep to ubuntu-advantage-pro to fix lintian debhelper-but-no-misc-depends (GH: #1024) * d/rules: - drop --with systemd fix build-depends-on-obsolete-package - set fix lintian warning extra:Depends even if empty * d/postrm - Add more gpg keys to be deleted in postrm for Xenial+ support * d/postinst: - do not unconfigure non-trusty esm. no series in apt filenames (GH: #1170) - check if esm is already enabled (GH: #1095) * New upstream release 25.0: - Do not uninstall additionalPackages or livepatch when disabling services - check for issubclass on clean_apt_files - Add do-release-upgrade support for esm-infra and apps suites (GH: #1169) - Apply contract deltas during do-release-upgrade operations - cli: add ua help command - cli: status add blocking --wait param and lock files for config change - Fix livepatch behaviour on aws pro focal machine - travis: drop inapplicable workspaces from specific awsgeneric release jobs - Add possible reboot text after enabling/disabling services - apt-hook: package apt-hook and apt configuration files on all releases (GH: #1150) - Fix enable fail bug - Add uaclient.conf override mechanism for auto-attach, beta services and machine-token - Support ESM Apps [Brian Murray] (GH: #930) - Do not enable services if blocking services is active (GH: #1029) - contract: handle 401 on invalid token, 403 on expired (GH: #1335) - Hide beta services from default status output and enable/disable operations (GH: #1079) (GH: #1091) - fips: force apt noninteractive prompts during package installs (GH: #1084) - tests: add unit tests for aws-gov/aws-china cloud detection - Add AWS China and GovCloud partitions [Robert Jennings] - Disable beta services to be show/enabled without flag - Add missing build_pr command to environment - Use additionalPackages from service payload - Add integration testing for Travis runs [patriciadomin] (GH: #856) (GH: #857) (GH: #853) * New bug-fix-only release 24.4: - uaclient.version bump to 24.4 - fips: honor additionalPackage directive from contract for bionic (GH #1173) * New bug-fix-only release 24.3: - uaclient.version bump to 24.3 - fips: add conditional reboot message only if /var/run/reboot-required is present - fips: add apt repo key for FIPS and FIPS updates (GH #1026) * New bug-fix-only release 24.2: - uaclient.version bump to 24.2 - pro: Add AWS China and GovCloud partitions support (GH #1077) * New bug-fix-only release 24.1: - livepatch: run snap wait system snap.seeded before trying to install (GH: #1049) - version: return debian/changelog version when git describe fails to match upstream . tags for git-ubuntu workflow (GH: #1058) * bump version to 24.0 for new versioninig scheme * New upstream release 20.3: - ubuntu-pro: automatically reattach across instance id delta (LP: #1867573) - integration testing: + add behave tests ua subcommands for attached vm + add invalid token tests + add reuse_container test docs + refactor token parameter * d/templates: add a debconf note on upgrade from pre-ubuntu pro package * d/control: create a separate ubuntu-advantage-pro package which delivers the tooling and scripts necessary to auto-attach pro machines This change breaks/replaces ubuntu-advantage-tools <= 20.1 * d/maintscript: rm_conffile /etc/init/ua-auto-attach.conf from ua-tools pkg * d/postint: remove stale systemd symlinks which have migrated to ubuntu-pro * d/rules: only install the apt hook on trusty * d/rules: provide --no-start to debhelper to avoid auto-attach on pkg install * Release 20.2: - ubuntu-pro: + azure: fix detection of DatasourceAzureNet as azure on trusty + generalize identity_doc to return dict instead of string + auto-attach: any 4XX errors during auto-attach are the result of non-Pro + auto-attach: handle 403 errors raised by contract server for invalid vms - attach: persist any status config changes after attach failures - output: add messaging using a different subscription if attached * Release 20.1: - azure-pro, support for azure ubuntu pro auto-attach: + add azure auto-attach instance as valid cloud_instance_factory + add azure cloud instance module and tests + generalize request_aws_contract_token for multiple cloud_types + contract: request_auto_attach_contract_token takes an instance param - constraints: add constraint on pyyaml version in trusty - auto-attach: move duplicate invalid cloud_type check out of cli * d/postinst: only configure ESM on supported architectures (LP: #1851858) [Andreas Hasenack] * d/postinst: rename existing ubuntu-esm-precise.list file to trusty. This fixes the upgrade path from precise to trusty and to this client while esm is enabled (LP: #1850672) * Release 19.7: - aws: handle missing SYS_HYPERVISOR_PRODUCT_UUID - aws-pro: support for aws ubuntu pro auto-attach - pro: add cloud identity module and fix unit tests - pro: update systemd service and upstart boot scripts to auto-attach - pro: esm do not do apt pin never on disable on xenial or bionic - pro: esm-apps has origin UbuntuESMApps and esm-infra is UbuntuESM - status: dynamic status available now from refreshed machine-token - uaclient: update customer visible messages after UX review - esm-apps: allow unattended security upgrades for esm-apps - systemd: needs WantedBy=multi-user.target to get pulled into boot - cli: update docstring to describe errors raised from auto-attach - keyrings: update ubuntu-advantage-esm-apps.gpg with correct key - repo: match strict repo url in apt-policy to avoid esm substring matches - esm: don't disable_apt_auth_only for ESM entitlements - initial implementation of esm-apps - repo: don't raise exception in application_status if aptURL missing - entitlements: rely solely on contract server for repo_url - cli: exit 0 if already attached - cli: use decorators for action_attach and action_attach_premium - cli: add assert_not_attached decorator - status: custom descriptions for n/a service status * New upstream release. Main changes: - drop SSO interactive login support - d/control: no longer depend on pymacaroons, which was only needed for the SSO interactive login support - drop keyrings for services not supported in trusty: cc-eal, fips, fips-updates, cis audit - make sure /var/lib/ubuntu-advantage/private has 0700 perms - rename esm to esm-infra. Also handle upgrades - don't unecessarily remove config files that are already handled by dpkg - expand the apt related runtime dependencies - handle sources.list.d esm snippet when release upgrading from precise - ua status now reports availability of services even in unattached state - the "ua status" output was changed, including the json format option - drop "ua status" call in postinst as it now requires internet access and that is restricted in LP builders and test runners. - fix the d/t/usage DEP8 test that was also using status * d/t/usage: fix dep8 test ("entitlements" was renamed to "services") * New upstream release (LP: #1832757): - packaging: + d/control: depend on libapt-pkg to use pin-priority never + d/postinst: adjust logfile permissions + d/postinst: remove public files and generate status cache on upgrade + d/postinst: Remove the old CACHE_DIR in postinst + d/postrm: remove log files on package purge + d/postrm: remove the ESM pinning file on purge + trusty should remove v1 esm key if present after upgrade + keyrings: regenerate keyrings on a trusty host + refresh keyrings to match current production for fips and cc-eal - apt: + all repo entitlements now call apt-get update on enable + enable -updates if -updates from the Ubuntu archive is enabled + Add basic i18n (good enough for lang packs) + retry apt install and update commands 3 times simple backoff + write commented -updates lines instead of omitting them - attach/detach: + added --no-auto-enable option + suppress messages from inapplicable default entitlements + two-factor auth reprompt only two-factor auth on failed 2fa + honour enableByDefault obligations from contract server + livepatch: no auto-enable on attach for trusty + don't attempt to disable inapplicable entitlements during detach + check for root before checking for attach in assert_attached_root - status: + add --json cli formatting option + emit a SERVICE header in status output + redact technical support and expiry for free contracts + unentitled services will report n/a - cc-eal: + add a warning about download size before install + change cc to cc-eal in docs, parameters and commandline help - esm: + add esm-v2 gpg keyring, drop old keyring, ignore aptKey directive + and livepatch auto enabled on attach where supported + on upgrade do not install preferences to pin never if esm enabled + remove only the apt auth entry on disable, leaving sources.list + use Pin-Priority never apt preference file to disable esm initially - fips: + display as pending when linux-fips is not the running kernel + only install/upgrade optional packages that are already on the system - logs: + no longer redact secrets as logfile is root read-only + separate console log devel from logfile level + remove level from messages to the console - add subcommand to refresh all contract details - config: allow contract_url and sso_auth_url to have a trailing slash - docker: fix persisting generated uuid on images without machine-id files - environ: allow lowercase ua_ overrides - repo: un-comment ESM sources.list lines on repo disable - updated manpage and help docs * apt-hook: Add missing headers for APT 1.9 * Drop the self-test assert in the apt-hook, it's making the subiquity server install fail (LP: #1824523) * apt-hook: Do not crash/fail if we can't read /proc/self/status (LP: #1824523) * Ubuntu Advantage Tools rewrite in Python (LP: #1814157): - Allow attaching a system to a contract or account - More complete status output, dropping MOTD updates - Easily enable and disable services offered * Have ua status cope with the additional livepatch of running a kernel that is not supported for livepatches. * Have an option for enable-livepatch to install a compatible kernel if needed. [ Vineetha Kamath ] * Add support to common criteria EAL2 artifacts installation #144 * New upstream release - added enable-fips-updates command. This command enables the fips-updates repository to install updates to FIPS modules. The updated modules from fips-updates repository are non-certified. * d/t/update-motd-run: fix path to the esm motd (LP: #1757490) * Rename motd scripts so they are shown a bit earlier (LP: #1757171) * Move empty line placement in the livepatch motd to the beginning of the message to avoid double blank lines. * New upstream release: - repositories are only added after credentials are verified (LP: #1730361) - Livepatch MOTD script (LP: #1710976) - better "status" command output formatting (LP: #1719034) - sources.list.d files no longer contain credentials. The "auth.conf" facility is used instead. (LP: #1700611) - enabled Livepatch support for Bionic 18.04 LTS * New upstream release: - run tests during package build * New upstream release: - revert the latest name changes - instead of "advantage", add a "ua" symlink pointing at the ubuntu-advantage script. Likewise for its manpage. (LP: #1721272) * New upstream release: - rename the ubuntu-advantage script to advantage, including where it's mentioned in the documentation. Also provide symlinks pointing at the previous name. (LP: #1721272) - slightly reword some of the FIPS messages * New upstream release with FIPS support (LP: #1718291) * New upstream release: - call apt-get with the non-interactive frontend variable set, and tell dpkg to keep the old config file by default should there be any prompts about that. (LP: #1715012) - split the one big test file into multiple smaller files, for better maintainability. * Release to artful (LP: #1711369) * d/control: update package description * New release version 6. Main changes: - document return codes on the manpage (Fixes: #33) - new status command (Fixes: #40) - restrict esm to precise only (Fixes: #43) - drop the livepatch motd update, only esm has motd output now (Fixes: #44) - skip tests during package building (Fixes #49) * Only display apt output in the case of errors (Fixes #34). * Check running kernel version before enabling the Livepatch service (Fixes #30). * Add livepatch support: - New commands: + enable-livepatch + disable-livepatch + is-livepatch-enabled - new tests - new manpage - new help output - new README.md - new MOTD * ubuntu-advantage & /etc/update-motd.d/99-esm now build, run and are quiet on non-precise release. (LP: #1686183) * Add simple dep8 tests. * Also install ca-certificates (LP: #1690270) * Initial Release. LP: #1686183 -- [1] http://cloud-images.ubuntu.com/releases/groovy/release-20210622.1/ [2] http://cloud-images.ubuntu.com/releases/groovy/release-20210611/