Bug 1542416 - 'dnf updateinfo --info' provides incorrect output
Summary: 'dnf updateinfo --info' provides incorrect output
Alias: None
Product: Fedora
Classification: Fedora
Component: dnf
Version: 26
Hardware: Unspecified
OS: Unspecified
Target Milestone: ---
Assignee: Marek Blaha
QA Contact: Fedora Extras Quality Assurance
Keywords: Triaged
Depends On:
TreeView+ depends on / blocked
Reported: 2018-02-06 10:28 UTC by Eva Mrakova
Modified: 2018-06-28 08:17 UTC (History)
8 users (show)

Clone Of:
Last Closed: 2018-05-29 12:00:40 UTC

Attachments (Terms of Use)

Description Eva Mrakova 2018-02-06 10:28:54 UTC
Description of problem:
'dnf updateinfo --info' provides incorrect output when there are more advisories, namely it 
* provides "mixed" info of more advisories
* does not provide info about some advisories
* provides incorrect info about advisories (marks advisory as installed when it is not installed)
Version-Release number of selected component (if applicable):

How reproducible:

Steps to Reproduce:
1. use the upstream test updateinfo-2.feature for the settings of advisories 
   (it defines 5 advisories, a package from one of them is installed)
2. run 'dnf updateinfo --info all security'
3. run 'dnf updateinfo --info all' or 'dnf updateinfo --info'
4. compare the results of steps 2. and 3. with the same commands using --summary instead of --info (--summary works OK)

Actual results:

step 2.: Incorrect output here is a mixture of 2 advisories. They both have the same title but different IDs (RHSA-2999:004 is missing here). The problem does not appear when the titles are different.

# dnf updateinfo --info all security
Last metadata expiration check: 0:59:11 ago on Tue Feb  6 08:36:10 2018.
  TestB security update
  Update ID : RHSA-2999:001
       Type : security
    Updated : 2017-01-01 00:00:01
       Bugs : 444 - BZ444
            : 222 - BZ222
       CVEs : CVE-2999-0001
            : CVE-2999-0002
Description : Security Advisory
   Severity : Moderate
  Installed : true
# dnf updateinfo --summary all security
Last metadata expiration check: 1:02:38 ago on Tue Feb  6 08:36:10 2018.
Updates Information Summary: all
    2 Security notice(s)
        1 Critical Security notice(s)
        1 Moderate Security notice(s)

step 3.: There is missing info about 2 advisories here (RHSA-2999:001, RHSA-2999:004). Advisory RHBA-2999:002-02 is not installed although it is marked as installed.
Note: output of 'dnf updateinfo --info' is the same.

# dnf updateinfo --info all
Last metadata expiration check: 1:11:06 ago on Tue Feb  6 08:36:10 2018.
  TestA bugfix
  Update ID : RHBA-2999:002-02
       Type : bugfix
    Updated : 2017-01-01 00:00:01
       Bugs : 111 - BZ111
Description : Bugfix Advisory
   Severity : Low
  Installed : true

  TestA TestB bugfix
  Update ID : FEDORA-2999:0003
       Type : bugfix
    Updated : 2017-01-01 00:00:01
       Bugs : 333 - BZ333
Description : Default description of FEDORA-2999:0003
   Severity : Low
  Installed : false

  TestA enhancement
  Update ID : RHEA-2999:005
       Type : enhancement
    Updated : 2017-01-01 00:00:01
Description : Default description of RHEA-2999:005
   Severity : Low
  Installed : false

# dnf updateinfo --summary all
Last metadata expiration check: 1:14:51 ago on Tue Feb  6 08:36:10 2018.
Updates Information Summary: all
    2 Security notice(s)
        1 Critical Security notice(s)
        1 Moderate Security notice(s)
    2 Bugfix notice(s)
    1 Enhancement notice(s)

Expected results:
'dnf updateinfo --info' provides correct info

Additional info:

More useful outputs: list of all advisories and relevant installed packages: 
# dnf updateinfo --list all      
Last metadata expiration check: 0:00:51 ago on Tue Feb  6 10:01:12 2018.
  RHBA-2999:002-02 bugfix        TestA-2-1.noarch
  FEDORA-2999:0003 bugfix        TestA-3-1.noarch
  RHEA-2999:005    enhancement   TestA-4-1.noarch
i RHSA-2999:001    Moderate/Sec. TestB-2-1.noarch
  FEDORA-2999:0003 bugfix        TestB-3-1.noarch
  RHSA-2999:004    Critical/Sec. TestB-4-1.noarch
# rpm -qa | grep Test

Comment 1 Stanislav Kontar 2018-04-11 10:43:43 UTC
It seems that I have encountered similar problem. For example it says that 'avahi' package update is available, but I do not have it installed. I only have the libraries installed (and they have updates available).

$ dnf updateinfo --info updates | grep 'avahi-0' -A 8 -B 1
  Update ID : FEDORA-2018-9183a1d9a9
       Type : bugfix
    Updated : 2018-04-10 15:36:40
       Bugs : 1564059 - avahi-discover is missing "gi" module
Description : Add dependency to ensure avahi-discover works as expected.
   Severity : Moderate

$ dnf list installed | grep avahi
avahi-glib.x86_64                          0.7-3.fc27                   @fedora 
avahi-libs.x86_64                          0.7-3.fc27                   @fedora

Comment 2 Marek Blaha 2018-04-11 12:16:06 UTC
There was a bigger refactoring of updateinfo command lately (PR https://github.com/rpm-software-management/dnf/pull/1035)
This change is already part of our nightly builds. If you want to, you can try to install dnf from our copr repo
and see if this solves your issue.

Comment 3 Marek Blaha 2018-04-11 12:32:33 UTC
I looked into F27 updates repo updateinfo.xml and there is this (shortened):

<update from="updates@fedoraproject.org" status="testing" type="bugfix" version="2.0">
        <package name="avahi-glib" version="0.7" release="11.fc27" epoch="0" arch="x86_64" src="https://download.fedoraproject.org/pub/fedora/linux/updates/testing/27/x86_64/a/avahi-glib-0.7-11.fc27.x86_64.rpm">

So it looks like this advisory affects also avahi-glib package and this is the reason why it is listed.

Comment 4 Marek Blaha 2018-04-18 08:54:52 UTC
PR https://github.com/rpm-software-management/dnf/pull/1063 fixes issue.

Comment 5 Fedora End Of Life 2018-05-03 08:19:33 UTC
This message is a reminder that Fedora 26 is nearing its end of life.
Approximately 4 (four) weeks from now Fedora will stop maintaining
and issuing updates for Fedora 26. It is Fedora's policy to close all
bug reports from releases that are no longer maintained. At that time
this bug will be closed as EOL if it remains open with a Fedora  'version'
of '26'.

Package Maintainer: If you wish for this bug to remain open because you
plan to fix it in a currently maintained version, simply change the 'version'
to a later Fedora version.

Thank you for reporting this issue and we are sorry that we were not
able to fix it before Fedora 26 is end of life. If you would still like
to see this bug fixed and are able to reproduce it against a later version
of Fedora, you are encouraged  change the 'version' to a later Fedora
version prior this bug is closed as described in the policy above.

Although we aim to fix as many bugs as possible during every release's
lifetime, sometimes those efforts are overtaken by events. Often a
more recent Fedora release includes newer upstream software that fixes
bugs or makes them obsolete.

Comment 6 Fedora End Of Life 2018-05-29 12:00:40 UTC
Fedora 26 changed to end-of-life (EOL) status on 2018-05-29. Fedora 26
is no longer maintained, which means that it will not receive any
further security or bug fix updates. As a result we are closing this bug.

If you can reproduce this bug against a currently maintained version of
Fedora please feel free to reopen this bug against that version. If you
are unable to reopen this bug, please file a new report against the
current release. If you experience problems, please add a comment to this

Thank you for reporting this bug and we are sorry it could not be fixed.

Comment 7 Jaroslav Mracek 2018-06-28 08:17:50 UTC
The issue is solved by dnf-3.0.1-1 that was released into rawhide.

Note You need to log in before you can comment on or make changes to this bug.