From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.3)
Description of problem:
yum should have a feature for forcing the http cache to give a new
version of the files. In my case, a certain http cache in the middle
had cached an older repomd.xml, so yum failed the checksum check when
it compared that checksum with a new version of primary.xml.gz.
It should have an option like wget's cache options that sends a
"Pragma: no-cache" server directive to the server (and thus to the cache).
Version-Release number of selected component (if applicable):
Steps to Reproduce:
1. Configure an http cache in a way that it caches repomd.xml unless
one forces it to refresh, using "Pragma: no-cache", but doesn't cache
2. yum update
3. wait a few days
4. yum update
Actual Results: the update fails with a failed checksum error.
Expected Results: the machine should be updated.
The workaround is getting all the files in the "repodata" directory
with a wget with its cache off, then retrying yum update.
This is now filed in the yum bugzilla as bug #412:
Patches are now available upstream at:
with discussion about *possible* security implications.
fixed upstream and in latest releases iirc.