Bug 108427 - doesn't detect missing rpm over yum ftp:// or file:// urls
doesn't detect missing rpm over yum ftp:// or file:// urls
Product: Fedora
Classification: Fedora
Component: up2date (Show other bugs)
All Linux
medium Severity low
: ---
: ---
Assigned To: Bret McMillan
Fanny Augustin
Depends On:
Blocks: 120092
  Show dependency treegraph
Reported: 2003-10-29 08:32 EST by Damjan Lango
Modified: 2007-11-30 17:10 EST (History)
0 users

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2006-10-29 08:52:21 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Damjan Lango 2003-10-29 08:32:20 EST
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.4.1) Gecko/20031023

Description of problem:
If a rpm is missing in a yum repository with an ftp:// or file:// URL, up2date
fails to handle this situation. If the http:// URL is used then up2date
correctly reports that the file cannot be downloaded and aborts with:
Error while retrieving package kernel-source-2.4.22-1.2110.nptl.
The message was: An HTTP error occurred:
Status Code: 404 Error Message: Not Found

but if the url is file://, then a rpm package is created with it's own url text
inside the rpm file, if ftp:// is used then an empty rpm file is created and in
both cases up2date tries to install the corrupt .rpm package.

this situation can happen for example, if the mirror of repository was not
complete so that the headers are new, but rpms are not.

Version-Release number of selected component (if applicable):

How reproducible:

Steps to Reproduce:
1. use file:// or ftp:// url as a yum repository in sources
2. remove a .rpm file in the repository, but leave the header
3. try to update

Actual Results:  corrupted rpms are created and tried to install

Expected Results:  abort with an error message

Additional info:
Comment 1 John Thacker 2006-10-29 08:52:21 EST
Note that FC2 is no longer supported even by Fedora Legacy.  Also, up2date has
been replaced by pirut and pup since FC5.  FC3 and FC4 are supported by Fedora
Legacy for security issues only.  If this still occurs on FC3 or FC4 and is a
security issue, please reopen and assign to that version and Fedora Legacy.  If
it occurs on RHEL 3 or 4, please reassign or refile against that product.

The codebase for pirut and pup is quite different, so existing bugs do not
apply, but please continue testing them on the still supported versions of
Fedora Core and file bugs as necessary.

Note You need to log in before you can comment on or make changes to this bug.