The position of the Security Team has been consistent that kernel live
patching allows users to defer reboots; it does not allow users to avoid
them.  Because not all security fixes are included in live patches, and
because correlating the live patch CVEs to the kernel deb CVEs requires
knowledge that's external to the packages themselves, hiding the 'reboot
required' message will give users a false sense of security about their
system.

Cc:ing Tyler for any further comment.

Whatever our policy is going to be here, it should be consistent across
the board for both desktop and server (which may fall out naturally from
changes to update-notifier, but maybe not).

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1747499

Title:
  98-reboot-required and Interaction with livepatch
