From Bugzilla Helper: User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.4.1) Gecko/20031023 Description of problem: If a rpm is missing in a yum repository with an ftp:// or file:// URL, up2date fails to handle this situation. If the http:// URL is used then up2date correctly reports that the file cannot be downloaded and aborts with: Error while retrieving package kernel-source-2.4.22-1.2110.nptl. The message was: An HTTP error occurred: URL:http://linux.hermes.si/pub/redhat/rawhide//i386/Fedora/RPMS/kernel-source-2.4.22-1.2110.nptl.i386.rpm Status Code: 404 Error Message: Not Found but if the url is file://, then a rpm package is created with it's own url text inside the rpm file, if ftp:// is used then an empty rpm file is created and in both cases up2date tries to install the corrupt .rpm package. this situation can happen for example, if the mirror of repository was not complete so that the headers are new, but rpms are not. Version-Release number of selected component (if applicable): up2date-4.1.12-1 How reproducible: Always Steps to Reproduce: 1. use file:// or ftp:// url as a yum repository in sources 2. remove a .rpm file in the repository, but leave the header 3. try to update Actual Results: corrupted rpms are created and tried to install Expected Results: abort with an error message Additional info:
Note that FC2 is no longer supported even by Fedora Legacy. Also, up2date has been replaced by pirut and pup since FC5. FC3 and FC4 are supported by Fedora Legacy for security issues only. If this still occurs on FC3 or FC4 and is a security issue, please reopen and assign to that version and Fedora Legacy. If it occurs on RHEL 3 or 4, please reassign or refile against that product. The codebase for pirut and pup is quite different, so existing bugs do not apply, but please continue testing them on the still supported versions of Fedora Core and file bugs as necessary.