Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

noVNC Snap needs regular rebuild for updates #1634

Open
tkedwards opened this issue Mar 16, 2022 · 3 comments
Open

noVNC Snap needs regular rebuild for updates #1634

tkedwards opened this issue Mar 16, 2022 · 3 comments
Labels

Comments

@tkedwards
Copy link
Contributor

I got this notification from Ubuntu's Snap store. Does noVNC use libssl at all? if so the Snap package might need a rebuild

A scan of this snap shows that it was built with packages from the Ubuntu
archive that have since received security updates. The following lists new
USNs for affected binary packages in each snap revision:

Revision r22 (amd64; channels: edge)

  • libssl1.1: 5328-1

Revision r8 (amd64; channels: stable, candidate)

  • libssl1.1: 5328-1

Simply rebuilding the snap will pull in the new security updates and
resolve this. If your snap also contains vendored code, now might be a
good time to review it for any needed updates.

Thank you for your snap and for attending to this matter.

References:

@CendioOssman
Copy link
Member

This has been a concern of mine ever since container solutions like snap started getting popular. The security issues will multiply enormously as every container needs to be constantly updated and rebuilt.

I've triggered a re-run of the latest snap publishing action, which should update edge.

But other than that I'm afraid I'll consider these things to be a fundamental design bug of snap and working around this would be a feature on our part. So I'm marking this as a feature request for finding some way to automatically update snaps.

@CendioOssman CendioOssman changed the title noVNC Snap possibly needing a rebuild noVNC Snap needs regular rebuild for updates Mar 17, 2022
@tkedwards
Copy link
Contributor Author

Thanks

I think this is the first time since I made the Snap (2 years ago maybe?) that you've needed to manually trigger a rebuild. And Canonical does notify when a rebuild is needed for security updates. Hopefully it doesn't become too much of a regular thing

@aikooo7
Copy link

aikooo7 commented Oct 12, 2024

And Canonical does notify when a rebuild is needed for security updates.

How do they notify? Is this possible to be automated?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Projects
None yet
Development

No branches or pull requests

3 participants