Bug 1770125 - dnf upgrade --security does not install all available security updates
Status: CLOSED NEXTRELEASE
Alias: None
Product: Fedora
Classification: Fedora
Component: dnf
Version: 30
Hardware: Unspecified
OS: Unspecified
Assignee: Marek Blaha
QA Contact: Fedora Extras Quality Assurance
Blocks: 1794644
Reported: 2019-11-08 08:56 UTC by lhaastdaiz
Modified: 2020-05-04 15:36 UTC

Last Closed: 2020-05-04 15:36:01 UTC
Type: Bug

Description lhaastdaiz 2019-11-08 08:56:16 UTC
Description of problem:

$ dnf updateinfo --security
Last metadata expiration check: 0:00:22 ago on Fri 08 Nov 2019 18:27:27 AEST.
Updates Information Summary: available
    1 Security notice(s)
        1 Moderate Security notice(s)

$ sudo dnf upgrade --security 
Last metadata expiration check: 0:09:42 ago on Fri 08 Nov 2019 18:18:27 AEST.
No security updates needed, but 225 updates available
Dependencies resolved.
Nothing to do.
Complete!

Version-Release number of selected component (if applicable):
$ rpm -q dnf
dnf-4.2.11-2.fc30.noarch

How reproducible:
always

Steps to Reproduce:
1. install F30
2. dnf upgrade --security
3. dnf updateinfo --security
4. dnf upgrade --security

Actual results:
some security updates are not applied

Expected results:
all security updates are applied

Additional info:
same story for bugfix updates

Comment 1 Marek Blaha 2019-11-11 13:41:47 UTC
This could occur due to non-installability of the given security update.
You can check details about the security updates found using the command `dnf updateinfo list --security`.

Then please add the --best option to the upgrade command (`dnf upgrade --security --best`) to enforce using only the latest versions of packages. Then you could see that some updates cannot be installed, along with an error message with more details about why the package is not installable - usually some conflict is the cause.

There is also the possibility that a security advisory is not installable because the package with the update is not available in any of the enabled repositories. This is usually the case for *-debuginfo or *-debugsource packages. In this case you need to enable the *-debuginfo repositories (e.g. by adding the --enablerepo=*-debuginfo switch: `dnf upgrade --security --best --enablerepo=*-debuginfo`).

Comment 2 lhaastdaiz 2019-11-11 17:00:52 UTC
You are correct. The security package that does not install is kernel-5.3.6, which I understand has been problematic, though the kernel currently installed is kernel-5.0.9. Manual updating of the kernel works.

I still have some bugfix updates that are not picked up by dnf upgrade --bugfix. They can be manually installed, with the exception of tracker, the version of which listed on updateinfo list --bugfix being the version currently installed.

$ dnf updateinfo list -q --security
FEDORA-2019-ab7d22a466 Moderate/Sec. gd-2.2.5-9.fc30.x86_64
FEDORA-2019-057d691fd4 Moderate/Sec. kernel-5.3.6-200.fc30.x86_64
FEDORA-2019-057d691fd4 Moderate/Sec. kernel-core-5.3.6-200.fc30.x86_64
FEDORA-2019-057d691fd4 Moderate/Sec. kernel-modules-5.3.6-200.fc30.x86_64
FEDORA-2019-057d691fd4 Moderate/Sec. kernel-modules-extra-5.3.6-200.fc30.x86_64
FEDORA-2019-e99b716a92 Moderate/Sec. python3-unbound-1.9.4-1.fc30.x86_64
FEDORA-2019-e99b716a92 Moderate/Sec. unbound-libs-1.9.4-1.fc30.x86_64

$ sudo dnf upgrade --security --best
Last metadata expiration check: 0:30:37 ago on Tue 12 Nov 2019 01:47:52 AEST.
Dependencies resolved.
================================================================================
 Package                Architecture  Version              Repository      Size
================================================================================
Upgrading:
 gd                     x86_64        2.2.5-9.fc30         updates        131 k
 python3-unbound        x86_64        1.9.4-1.fc30         updates        104 k
 unbound-libs           x86_64        1.9.4-1.fc30         updates        498 k

Transaction Summary
================================================================================
Upgrade  3 Packages

Total download size: 734 k
Is this ok [y/N]: 
Operation aborted.

$ dnf updateinfo list -q --bugfix
FEDORA-2019-f4eb34cf4c bugfix gjs-1.56.2-1.fc30.x86_64
FEDORA-2019-57b5902ed1 bugfix gjs-1.56.2-6.fc30.x86_64
FEDORA-2019-f4eb34cf4c bugfix glib-networking-2.60.2-1.fc30.x86_64
FEDORA-2019-00d46ae95b bugfix glib-networking-2.60.3-1.fc30.x86_64
FEDORA-2019-f4eb34cf4c bugfix gnome-calendar-3.32.1-1.fc30.x86_64
FEDORA-2019-ff0223e2ca bugfix gnome-calendar-3.32.2-5.fc30.x86_64
FEDORA-2019-f4eb34cf4c bugfix gnome-maps-3.32.2-1.fc30.x86_64
FEDORA-2019-f753065e96 bugfix gnome-maps-3.32.2.1-1.fc30.x86_64
FEDORA-2019-f4eb34cf4c bugfix gnome-software-3.32.2-1.fc30.x86_64
FEDORA-2019-48c225e982 bugfix gnome-software-3.32.4-3.fc30.x86_64
FEDORA-2019-f4eb34cf4c bugfix libdazzle-3.32.2-1.fc30.x86_64
FEDORA-2019-e5389b8e30 bugfix libdazzle-3.32.3-1.fc30.x86_64
FEDORA-2019-f7675395b8 bugfix libgee-0.20.1-5.fc30.x86_64
FEDORA-2019-3341c2ef96 bugfix libgee-0.20.2-1.fc30.x86_64
FEDORA-2019-f4eb34cf4c bugfix nautilus-3.32.1-1.fc30.x86_64
FEDORA-2019-2537cde88a bugfix nautilus-3.32.3-1.fc30.x86_64
FEDORA-2019-f4eb34cf4c bugfix nautilus-extensions-3.32.1-1.fc30.x86_64
FEDORA-2019-2537cde88a bugfix nautilus-extensions-3.32.3-1.fc30.x86_64
FEDORA-2019-b934acd8ae bugfix tracker-2.2.2-1.fc30.x86_64

$ sudo dnf upgrade --bugfix --best
Last metadata expiration check: 0:22:49 ago on Tue 12 Nov 2019 01:47:52 AEST.
No security updates needed, but 227 updates available
Dependencies resolved.
Nothing to do.
Complete!

$ sudo dnf upgrade --best $(dnf updateinfo list -q --bugfix | cut -d' ' -f3)
Last metadata expiration check: 0:28:19 ago on Tue 12 Nov 2019 01:47:52 AEST.
No match for argument: gjs-1.56.2-1.fc30.x86_64
No match for argument: glib-networking-2.60.2-1.fc30.x86_64
No match for argument: gnome-calendar-3.32.1-1.fc30.x86_64
No match for argument: gnome-maps-3.32.2-1.fc30.x86_64
No match for argument: gnome-software-3.32.2-1.fc30.x86_64
No match for argument: libdazzle-3.32.2-1.fc30.x86_64
No match for argument: libgee-0.20.1-5.fc30.x86_64
No match for argument: nautilus-3.32.1-1.fc30.x86_64
No match for argument: nautilus-extensions-3.32.1-1.fc30.x86_64
No match for argument: tracker-2.2.2-1.fc30.x86_64
Dependencies resolved.
================================================================================
 Package                  Arch        Version                Repository    Size
================================================================================
Upgrading:
 gjs                      x86_64      1.56.2-6.fc30          updates      418 k
 glib-networking          x86_64      2.60.3-1.fc30          updates      141 k
 gnome-calendar           x86_64      3.32.2-5.fc30          updates      561 k
 gnome-maps               x86_64      3.32.2.1-1.fc30        updates      636 k
 gnome-software           x86_64      3.32.4-3.fc30          updates       15 M
 libdazzle                x86_64      3.32.3-1.fc30          updates      395 k
 libgee                   x86_64      0.20.2-1.fc30          updates      254 k
 nautilus                 x86_64      3.32.3-1.fc30          updates      2.6 M
 nautilus-extensions      x86_64      3.32.3-1.fc30          updates       33 k

Transaction Summary
================================================================================
Upgrade  9 Packages

Total download size: 20 M
Is this ok [y/N]: 
Operation aborted.

$ rpm -q tracker
tracker-2.2.1-1.fc30.x86_64

Comment 3 Marek Blaha 2019-11-12 06:40:00 UTC
The kernel is sort of specific - updateinfo used to print advisories for all installed kernels, but this has changed recently and only advisories for the newest installed version of the kernel plus advisories for the running kernel are printed. So you will receive security advisories until you reboot with the latest kernel.

As far as bugfixes are concerned - partly that is the nature of the fedora-updates repository. You have only the latest update available in the repo. But on the other hand, installing gjs-1.56.2-6.fc30.x86_64 will also resolve advisories for the older version (FEDORA-2019-f4eb34cf4c bugfix gjs-1.56.2-1.fc30.x86_64).

What does need a closer look is why `sudo dnf upgrade --bugfix --best` does not want to install any packages although there are upgrades available. Can you please provide the currently installed versions of those packages (rpm -q gjs glib-networking gnome-calendar...) so I could try to reproduce the issue and hopefully resolve it.

Comment 4 lhaastdaiz 2019-11-12 06:57:52 UTC
The versions are just those that ship with F30. I'm running in Boxes and haven't updated these (and a bunch of other) packages yet.

$ rpm -q gjs glib-networking gnome-calendar gnome-maps gnome-software libdazzle libgee nautilus nautilus-extensions tracker
gjs-1.56.1-1.fc30.x86_64
glib-networking-2.60.1-2.fc30.x86_64
gnome-calendar-3.32.0-1.fc30.x86_64
gnome-maps-3.32.1-2.fc30.x86_64
gnome-software-3.32.1-2.fc30.x86_64
libdazzle-3.32.1-2.fc30.x86_64
libgee-0.20.1-4.fc30.x86_64
nautilus-3.32.0-1.fc30.x86_64
nautilus-extensions-3.32.0-1.fc30.x86_64
tracker-2.2.1-1.fc30.x86_64
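
An audit sketch for the situation in Comments 2 to 4, added here as an example (it is not part of the thread and not dnf or libdnf code): it collapses the advisory listing to the newest build per package, which is the only one the updates repository carries, and reports which installed packages are still behind. The function names are hypothetical and the version comparison is a simplified stand-in for rpm's own, with no epoch, tilde or caret handling.

```python
import re
from collections import defaultdict

# Subset of the `dnf updateinfo list -q --bugfix` output quoted in Comment 2.
ADVISORIES = """\
FEDORA-2019-f4eb34cf4c bugfix gjs-1.56.2-1.fc30.x86_64
FEDORA-2019-57b5902ed1 bugfix gjs-1.56.2-6.fc30.x86_64
FEDORA-2019-f4eb34cf4c bugfix gnome-maps-3.32.2-1.fc30.x86_64
FEDORA-2019-f753065e96 bugfix gnome-maps-3.32.2.1-1.fc30.x86_64
FEDORA-2019-b934acd8ae bugfix tracker-2.2.2-1.fc30.x86_64
"""
# Matching subset of the `rpm -q` output quoted in Comment 4.
INSTALLED = """\
gjs-1.56.1-1.fc30.x86_64
gnome-maps-3.32.1-2.fc30.x86_64
tracker-2.2.1-1.fc30.x86_64
"""

def seg_key(s):
    # Simplified rpm-style ordering (assumption, not rpm's code): digit runs
    # compare numerically and outrank letter runs; extra trailing segments win.
    return [(1, int(t), "") if t.isdigit() else (0, 0, t)
            for t in re.findall(r"\d+|[A-Za-z]+", s)]

def parse(nevra):
    """Split name-version-release.arch (no epoch support) into (name, sort key)."""
    name, ver, rel, _arch = re.match(r"^(.+)-([^-]+)-([^-]+)\.([^.]+)$", nevra).groups()
    return name, (seg_key(ver), seg_key(rel))

def newest_per_package(listing):
    """Map name -> (newest advisory NEVRA, all advisory IDs naming the package)."""
    best, ids = {}, defaultdict(set)
    for line in listing.splitlines():
        advisory, _kind, nevra = line.split()
        name, key = parse(nevra)
        ids[name].add(advisory)
        if name not in best or key > parse(best[name])[1]:
            best[name] = nevra
    return {n: (best[n], sorted(ids[n])) for n in best}

def pending(listing, installed):
    """Return name -> (installed, target, advisory IDs) for unapplied updates."""
    have = {parse(n)[0]: n for n in installed.split()}
    return {name: (have[name], target, ids)
            for name, (target, ids) in newest_per_package(listing).items()
            if name in have and parse(have[name])[1] < parse(target)[1]}

if __name__ == "__main__":
    print(pending(ADVISORIES, INSTALLED))
```

Fed the live output of `dnf updateinfo list -q --security` and `rpm -qa` after an upgrade run, a non-empty result means advisories were left unapplied.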

Comment 5 Marek Blaha 2019-11-12 07:11:21 UTC
Thanks! I'll look into it.

Comment 6 Marek Blaha 2020-01-21 10:38:44 UTC
PR https://github.com/rpm-software-management/libdnf/pull/883 fixes upgrading packages using security advisories.

Comment 7 Ben Cotton 2020-04-30 20:25:50 UTC
This message is a reminder that Fedora 30 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora 30 on 2020-05-26.
It is Fedora's policy to close all bug reports from releases that are no longer
maintained. At that time this bug will be closed as EOL if it remains open with a
Fedora 'version' of '30'.

Package Maintainer: If you wish for this bug to remain open because you
plan to fix it in a currently maintained version, simply change the 'version' 
to a later Fedora version.

Thank you for reporting this issue and we are sorry that we were not
able to fix it before Fedora 30 is end of life. If you would still like
to see this bug fixed and are able to reproduce it against a later version
of Fedora, you are encouraged to change the 'version' to a later Fedora
version prior to this bug being closed as described in the policy above.

Although we aim to fix as many bugs as possible during every release's 
lifetime, sometimes those efforts are overtaken by events. Often a 
more recent Fedora release includes newer upstream software that fixes 
bugs or makes them obsolete.

