Does Ubuntu fix bugs in LTS versions?
Clash Royale CLAN TAG#URR8PPP .everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty margin-bottom:0;
up vote
0
down vote
favorite
There is a long-standing bug 1211110 in network-manager that is present in Ubuntu 13.04 up to 16.10 leading to the addition of default gateway to /etc/resolv.conf and possible DNS leakage while using a VPN. The bug is fixed in network-manager>=1.4.4.
Is it not the Ubuntu policy to fix bugs for the duration of the support period?
lts release-management
edited 2 days ago
muru
127k19266452
asked 2 days ago
Antti Raila
94
 |Â
show 1 more comment
up vote
0
down vote
favorite
There is a long-standing bug 1211110 in network-manager that is present in Ubuntu 13.04 up to 16.10 leading to the addition of default gateway to /etc/resolv.conf and possible DNS leakage while using a VPN. The bug is fixed in network-manager>=1.4.4.
Is it not the Ubuntu policy to fix bugs for the duration of the support period?
lts release-management
edited 2 days ago
muru
127k19266452
asked 2 days ago
Antti Raila
94
You can raise the flag on community.ubuntu.com to attract developers' attention.
– N0rbert
2 days ago
1
It's more useful to link a bug to the actual bug report. Since this doesn't seem to be a security bug (the Ubuntu Security Team is not subscribed), the fix won't be backported to older releases. Since it's a 'high' priority bug, it might be eligible for a Stable Release Update, but no users have asked for it. Much of the testing is done by volunteers; if nobody wants to volunteer....
– user535733
2 days ago
@user535733 Changed link to point to an actual bug. So, apparently this doesn't qualify as a security bug, huh?
– Antti Raila
2 days ago
Not sure what you mean by 'qualify'. There is no checklist. Are you saying that you believe it to be a serious security concern?
– user535733
2 days ago
1
Read up on how security bugs, Stable Release Updates, and Backports work. Those will answer most of your questions and show you the way forward to get action.
– user535733
yesterday
 |Â
show 1 more comment
up vote
0
down vote
favorite
up vote
0
down vote
favorite
There is a long-standing bug 1211110 in network-manager that is present in Ubuntu 13.04 up to 16.10 leading to the addition of default gateway to /etc/resolv.conf and possible DNS leakage while using a VPN. The bug is fixed in network-manager>=1.4.4.
Is it not the Ubuntu policy to fix bugs for the duration of the support period?
lts release-management
edited 2 days ago
muru
127k19266452
asked 2 days ago
Antti Raila
94
There is a long-standing bug 1211110 in network-manager that is present in Ubuntu 13.04 up to 16.10 leading to the addition of default gateway to /etc/resolv.conf and possible DNS leakage while using a VPN. The bug is fixed in network-manager>=1.4.4.
Is it not the Ubuntu policy to fix bugs for the duration of the support period?
lts release-management
edited 2 days ago
muru
127k19266452
asked 2 days ago
Antti Raila
94
edited 2 days ago
muru
127k19266452
edited 2 days ago
muru
127k19266452
edited 2 days ago
muru
127k19266452
127k19266452
asked 2 days ago
Antti Raila
94
asked 2 days ago
Antti Raila
94
asked 2 days ago
Antti Raila
94
94
You can raise the flag on community.ubuntu.com to attract developers' attention.
– N0rbert
2 days ago
1
It's more useful to link a bug to the actual bug report. Since this doesn't seem to be a security bug (the Ubuntu Security Team is not subscribed), the fix won't be backported to older releases. Since it's a 'high' priority bug, it might be eligible for a Stable Release Update, but no users have asked for it. Much of the testing is done by volunteers; if nobody wants to volunteer....
– user535733
2 days ago
@user535733 Changed link to point to an actual bug. So, apparently this doesn't qualify as a security bug, huh?
– Antti Raila
2 days ago
Not sure what you mean by 'qualify'. There is no checklist. Are you saying that you believe it to be a serious security concern?
– user535733
2 days ago
1
Read up on how security bugs, Stable Release Updates, and Backports work. Those will answer most of your questions and show you the way forward to get action.
– user535733
yesterday
 |Â
show 1 more comment
You can raise the flag on community.ubuntu.com to attract developers' attention.
– N0rbert
2 days ago
1
It's more useful to link a bug to the actual bug report. Since this doesn't seem to be a security bug (the Ubuntu Security Team is not subscribed), the fix won't be backported to older releases. Since it's a 'high' priority bug, it might be eligible for a Stable Release Update, but no users have asked for it. Much of the testing is done by volunteers; if nobody wants to volunteer....
– user535733
2 days ago
@user535733 Changed link to point to an actual bug. So, apparently this doesn't qualify as a security bug, huh?
– Antti Raila
2 days ago
Not sure what you mean by 'qualify'. There is no checklist. Are you saying that you believe it to be a serious security concern?
– user535733
2 days ago
1
Read up on how security bugs, Stable Release Updates, and Backports work. Those will answer most of your questions and show you the way forward to get action.
– user535733
yesterday
You can raise the flag on community.ubuntu.com to attract developers' attention.
– N0rbert
2 days ago
You can raise the flag on community.ubuntu.com to attract developers' attention.
– N0rbert
2 days ago
1
1
It's more useful to link a bug to the actual bug report. Since this doesn't seem to be a security bug (the Ubuntu Security Team is not subscribed), the fix won't be backported to older releases. Since it's a 'high' priority bug, it might be eligible for a Stable Release Update, but no users have asked for it. Much of the testing is done by volunteers; if nobody wants to volunteer....
– user535733
2 days ago
It's more useful to link a bug to the actual bug report. Since this doesn't seem to be a security bug (the Ubuntu Security Team is not subscribed), the fix won't be backported to older releases. Since it's a 'high' priority bug, it might be eligible for a Stable Release Update, but no users have asked for it. Much of the testing is done by volunteers; if nobody wants to volunteer....
– user535733
2 days ago
@user535733 Changed link to point to an actual bug. So, apparently this doesn't qualify as a security bug, huh?
– Antti Raila
2 days ago
@user535733 Changed link to point to an actual bug. So, apparently this doesn't qualify as a security bug, huh?
– Antti Raila
2 days ago
Not sure what you mean by 'qualify'. There is no checklist. Are you saying that you believe it to be a serious security concern?
– user535733
2 days ago
Not sure what you mean by 'qualify'. There is no checklist. Are you saying that you believe it to be a serious security concern?
– user535733
2 days ago
1
1
Read up on how security bugs, Stable Release Updates, and Backports work. Those will answer most of your questions and show you the way forward to get action.
– user535733
yesterday
Read up on how security bugs, Stable Release Updates, and Backports work. Those will answer most of your questions and show you the way forward to get action.
– user535733
yesterday
 |Â
show 1 more comment
1 Answer
1
active
oldest
votes
up vote
3
down vote
It is policy backport security bugfixes, although it's not always by shipping the latest package version. Sometimes, it's just applying the part of the patch that is relevant and bumping the ~ubuntuXXXXX version number not the package version.
That said, a DNS leak might not cross the threshold for serious security bug that merits the man-hours for a backport.
answered 2 days ago
RobotHumans
22.1k358101
add a comment |Â
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
up vote
3
down vote
It is policy backport security bugfixes, although it's not always by shipping the latest package version. Sometimes, it's just applying the part of the patch that is relevant and bumping the ~ubuntuXXXXX version number not the package version.
That said, a DNS leak might not cross the threshold for serious security bug that merits the man-hours for a backport.
answered 2 days ago
RobotHumans
22.1k358101
add a comment |Â
up vote
3
down vote
It is policy backport security bugfixes, although it's not always by shipping the latest package version. Sometimes, it's just applying the part of the patch that is relevant and bumping the ~ubuntuXXXXX version number not the package version.
That said, a DNS leak might not cross the threshold for serious security bug that merits the man-hours for a backport.
answered 2 days ago
RobotHumans
22.1k358101
add a comment |Â
up vote
3
down vote
up vote
3
down vote
It is policy backport security bugfixes, although it's not always by shipping the latest package version. Sometimes, it's just applying the part of the patch that is relevant and bumping the ~ubuntuXXXXX version number not the package version.
That said, a DNS leak might not cross the threshold for serious security bug that merits the man-hours for a backport.
answered 2 days ago
RobotHumans
22.1k358101
It is policy backport security bugfixes, although it's not always by shipping the latest package version. Sometimes, it's just applying the part of the patch that is relevant and bumping the ~ubuntuXXXXX version number not the package version.
That said, a DNS leak might not cross the threshold for serious security bug that merits the man-hours for a backport.
answered 2 days ago
RobotHumans
22.1k358101
answered 2 days ago
RobotHumans
22.1k358101
answered 2 days ago
RobotHumans
22.1k358101
answered 2 days ago
RobotHumans
22.1k358101
22.1k358101
add a comment |Â
add a comment |Â
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
var $window = $(window),
onScroll = function(e)
var $elem = $('.new-login-left'),
docViewTop = $window.scrollTop(),
docViewBottom = docViewTop + $window.height(),
elemTop = $elem.offset().top,
elemBottom = elemTop + $elem.height();
if ((docViewTop elemBottom))
StackExchange.using('gps', function() StackExchange.gps.track('embedded_signup_form.view', location: 'question_page' ); );
$window.unbind('scroll', onScroll);
;
$window.on('scroll', onScroll);
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2faskubuntu.com%2fquestions%2f1062117%2fdoes-ubuntu-fix-bugs-in-lts-versions%23new-answer', 'question_page');
);
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
var $window = $(window),
onScroll = function(e)
var $elem = $('.new-login-left'),
docViewTop = $window.scrollTop(),
docViewBottom = docViewTop + $window.height(),
elemTop = $elem.offset().top,
elemBottom = elemTop + $elem.height();
if ((docViewTop elemBottom))
StackExchange.using('gps', function() StackExchange.gps.track('embedded_signup_form.view', location: 'question_page' ); );
$window.unbind('scroll', onScroll);
;
$window.on('scroll', onScroll);
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
var $window = $(window),
onScroll = function(e)
var $elem = $('.new-login-left'),
docViewTop = $window.scrollTop(),
docViewBottom = docViewTop + $window.height(),
elemTop = $elem.offset().top,
elemBottom = elemTop + $elem.height();
if ((docViewTop elemBottom))
StackExchange.using('gps', function() StackExchange.gps.track('embedded_signup_form.view', location: 'question_page' ); );
$window.unbind('scroll', onScroll);
;
$window.on('scroll', onScroll);
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
var $window = $(window),
onScroll = function(e)
var $elem = $('.new-login-left'),
docViewTop = $window.scrollTop(),
docViewBottom = docViewTop + $window.height(),
elemTop = $elem.offset().top,
elemBottom = elemTop + $elem.height();
if ((docViewTop elemBottom))
StackExchange.using('gps', function() StackExchange.gps.track('embedded_signup_form.view', location: 'question_page' ); );
$window.unbind('scroll', onScroll);
;
$window.on('scroll', onScroll);
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
You can raise the flag on community.ubuntu.com to attract developers' attention.
– N0rbert
2 days ago
1
It's more useful to link a bug to the actual bug report. Since this doesn't seem to be a security bug (the Ubuntu Security Team is not subscribed), the fix won't be backported to older releases. Since it's a 'high' priority bug, it might be eligible for a Stable Release Update, but no users have asked for it. Much of the testing is done by volunteers; if nobody wants to volunteer....
– user535733
2 days ago
@user535733 Changed link to point to an actual bug. So, apparently this doesn't qualify as a security bug, huh?
– Antti Raila
2 days ago
Not sure what you mean by 'qualify'. There is no checklist. Are you saying that you believe it to be a serious security concern?
– user535733
2 days ago
1
Read up on how security bugs, Stable Release Updates, and Backports work. Those will answer most of your questions and show you the way forward to get action.
– user535733
yesterday