Bug 2048554

Summary: Satellite Incorrectly Shows 2 Erratas Applicable for RHEL8 Host
Product: Red Hat Satellite Reporter: myoder
Component: Errata ManagementAssignee: satellite6-bugs <satellite6-bugs>
Status: NEW --- QA Contact: Satellite QE Team <sat-qe-bz-list>
Severity: low Docs Contact:
Priority: unspecified    
Version: 6.10.0CC: addubey, akapse, hyu, jhanley
Target Milestone: UnspecifiedKeywords: Triaged
Target Release: Unused   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description myoder 2022-01-31 13:57:11 UTC 
Description of problem:

RHEL8 host has the perl 5.26 module enabled and the perl-DBD-SQLite package installed:

~~~
[root@rhel8 ~]# dnf list installed | grep perl-DBD
perl-DBD-SQLite.x86_64                        1.58-2.module+el8.1.0+2940+f62455ee        @rhel-8-for-x86_64-appstream-rpms     

[root@rhel8 ~]# dnf module list | grep perl
perl                 5.24            common [d], minimal                      Practical Extraction and Report Language                                                                                                                                                                                         
perl                 5.26 [d][e]     common [d], minimal                      Practical Extraction and Report Language                                                                                                                                                                                         
perl                 5.30            common [d], minimal                      Practical Extraction and Report Language                                                                                                                                                                                         
perl-App-cpanminus   1.7044 [d]      common [d]                               Get, unpack, build and install CPAN modules                                                                                                                                                                                      
perl-DBD-MySQL       4.046 [d]       common [d]                               A MySQL interface for Perl                                                                                                                                                                                                       
perl-DBD-Pg          3.7 [d]         common [d]                               A PostgreSQL interface for Perl                                                                                                                                                                                                  
perl-DBD-SQLite      1.58 [d][e]     common [d]                               SQLite DBI driver                                                                                                                                                                                                                
perl-DBI             1.641 [d][e]    common [d]                               A database access API for Perl                                                                                                                                                                                                   
perl-FCGI            0.78 [d]        common [d]                               FastCGI Perl bindings                                                                                                                                                                                                            
perl-IO-Socket-SSL   2.066 [d][e]    common [d]                               Perl library for transparent TLS                                                                                                                                                                                                 
perl-YAML            1.24 [d]        common [d]                               Perl parser for YAML                                                                                                                                                                                                             
perl-libwww-perl     6.34 [d][e]     common [d]                               A Perl interface to the World-Wide Web                                                        
~~~

Once the perl-DBD-SQLite package in installed, Satellite indicates 2 erratas that need to be applied, RHEA-2020:4727 and  RHBA-2019:3337.  The issue is that RHEA-2020:4727 is for perl 5.30, and RHBA-2019:3337 is for perl 5.24.  The host has perl 5.26 module enabled.  And if the host tries to install either of those erratas, yum indicates nothing to do:
~~~
[root@rhel8 ~]# yum update --advisory RHEA-2020:4727                                       
Updating Subscription Management repositories.
Red Hat Enterprise Linux 8 for x86_64 - Supplementary (RPMs)                                                                             33 kB/s | 3.8 kB     00:00    
Red Hat Enterprise Linux 8 for x86_64 - BaseOS (RPMs)                                                                                    33 MB/s |  42 MB     00:01    
Red Hat Satellite Tools 6.10 for RHEL 8 x86_64 (RPMs)                                                                                    57 kB/s | 3.8 kB     00:00    
Red Hat Enterprise Linux 8 for x86_64 - AppStream (RPMs)                                                                                 18 MB/s |  38 MB     00:02    
No security updates needed, but 363 updates available
Dependencies resolved.
Nothing to do.
Complete!

[root@rhel8 ~]# yum update --advisory RHBA-2019:3337
Updating Subscription Management repositories.
Red Hat Enterprise Linux 8 for x86_64 - Supplementary (RPMs)                                                                             55 kB/s | 3.8 kB     00:00    
Red Hat Enterprise Linux 8 for x86_64 - BaseOS (RPMs)                                                                                    62 kB/s | 4.1 kB     00:00    
Red Hat Satellite Tools 6.10 for RHEL 8 x86_64 (RPMs)                                                                                    63 kB/s | 3.8 kB     00:00    
Red Hat Enterprise Linux 8 for x86_64 - AppStream (RPMs)                                                                                 71 kB/s | 4.5 kB     00:00    
No security updates needed, but 363 updates available
Dependencies resolved.
Nothing to do.
Complete!
~~~

If the perl-DBD-SQLite package is removed, the erratas no longer show as applicable from Satellite UI.


Both RHEA-2020:4727 and RHBA-2019:3337 return duplicates when I search for them in the filter box under the Content => Errata page.  Something like "errata_id=RHBA-2019:3337" will result in 2 entries for RHBA-2019:3337.  The 2 results appear identical, except for the applicable host count.  When my RHEL8 host has the perl-DBD-SQLite package installed from the perl 5.26 module, 1 of the erratas shows as 0 hosts applicable, while the other shows 1 host applicable.  When I remove the perl-DBD-SQLite package, neither of the duplicate erratas shows as applicable.  Not sure if this is related, but seems weird.  I noticed this same behavior on Satellite 6.9.  However, I didn't notice this issue while testing with Satellite 6.8.



Version-Release number of selected component (if applicable):
Satellite 6.9 
Satellite 6.10

How reproducible:
always

Steps to Reproduce:
1. Clean RHEL8 host registered to Satellite with katello-host-tools installed
2. Enable perl 5.26 and install perl-DBD-SQLite
3. View Content Host Applicable Errata from Satellite UI

Actual results:
2 erratas RHEA-2020:4727 and RHBA-2019:3337 show as applicable.

Expected results:
Neither RHEA-2020:4727 or RHBA-2019:3337 should show as applicable.

Additional info:
Comment 2 Jessica Hanley 2022-09-13 00:56:25 UTC 
My customer has the same issue, and it's affecting (at least) MariaDB and Perl on their RHEL 8 servers.  For MariaDB in particular, they have version 10.3 enabled, but Satellite tells them that packages for module 10.5 are available.

Not only are they unaware of which RHEL 8 hosts _actually_ have applicable security updates until they try to apply them, but they're required to perform manual security audits of every such alert (even if the packages _can't_ be applied).  A lot of work on the customer side would be saved if Satellite accurately alerted them to security updates for modules that they have enabled, rather than for modules that they haven't enabled.