Ubuntu – Firefox keeps updating in the background

firefoxSecurityupgrade

Several times a week, Firefox (version 68.0.2+build1-0ubuntu0.18.04.1) is getting into a state where it refuses to open new tabs and instead says it has been upgraded in the background and needs to restart.

I'm pretty sure I haven't been running apt upgrade or anything of that sort since the Firefox instance in question was started. Is it supposed to somehow download updates from some unknown third-party source on its own, bypassing the package manager? Or have I been compromised?

Best Answer

Unattended Upgrades

The default settings of Ubuntu have Unattended Upgrades enabled for new packages that are pushed by the Ubuntu Security Team (the "-security" pocket of the Ubuntu Repositories).

New releases of web browsers usually include many security fixes, so the Ubuntu Security Team pushes the new browser. Generally, new releases ONLY go into the next release of Ubuntu and are NOT backported. Web browsers, for various reasons, are a very rare exception to that practice: All supported releases of Ubuntu always get the newest web browser.

The easy way to check if Unattended Upgrades has recently upgraded your web browser is to check the log: /var/log/unattended-upgrades/unattended-upgrades.log