Maintenance release for 2.27: 2.27.6


#1

We discovered a potential issue with snaps that use the hardware-observe, network-control or network-observe interfaces in 2.27. We enabled seccomp argument filtering in 2.27. This limits what “domain” of the socket() syscall can be used by default. Most importantly the NETLINK_KOBJECT_UEVENT is no longer available by default. However for the interfaces above this protocol should be available.

We released 2.27.6 that fixes this issue. It is available in the beta channel for now and will be promoted to stable once the full QA cycle is completed.


#2

I’ll handle releases for Arch openSUSE (once infrastructure is back) and Debian (:heart: @mwhudson for enabling that). I’ll wait for a green light though.


#3

The Debian package is ready and has been uploaded a moment ago. The openSUSE package is likewise ready. I will prepare Arch package later (tomorrow).


#4

Hello, the 2.27.6 release is now in the candidate channel. Please help testing by snap refresh --candidate core and let us know if everything works as expected.

Test results: https://docs.google.com/document/d/15R26w7cwjdYegUDofAwI28LUtdfLNyp0um0WXWCzS60/edit

Please, let me know if you find any regression.


#5

The Arch package is in progress but is slowed down by a test failure that affects snapd on golang 1.9 Osutil tests fail on golang 1.9


#6

Fedora packages for snapd 2.27.6 have been submitted for testing:

They should be available in updates-testing within the next 24-48 hours.