This service will be undergoing maintenance at 00:00 UTC, 2017-10-23 It is expected to last about 30 minutes
Bug 470933 - unescaped '&', '<', '>' in updateinfo.xml and failing yum-security plugin
unescaped '&', '<', '>' in updateinfo.xml and failing yum-security plugin
Status: CLOSED ERRATA
Product: Red Hat Satellite 5
Classification: Red Hat
Component: Client (Show other bugs)
501
All Linux
high Severity high
: ---
: ---
Assigned To: Pradeep Kilambi
wes hayutin
:
Depends On: 428819
Blocks: 459674
  Show dependency treegraph
 
Reported: 2008-11-10 17:41 EST by Xixi
Modified: 2010-10-23 01:49 EDT (History)
7 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2008-12-08 17:01:37 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Comment 1 Xixi 2008-11-10 17:43:27 EST
This bug is for backport of fix for original bug 428819 into 5.1.x satellite
Comment 9 wes hayutin 2008-11-18 11:05:02 EST
testing 4.2
rhel-i386-server-5        100% |=========================| 1.2 kB    00:00     
primary.xml.gz            100% |=========================| 1.5 MB    00:00     
rhel-i386-: ################################################## 4286/4286
Skipping security plugin, no data
Setting up Update Process
Resolving Dependencies
Skipping security plugin, no data
--> Running transaction check
---> Package cups-libs.i386 1:1.2.4-11.18.el5_2.1 set to be updated
---> Package vim-minimal.i386 2:7.0.109-4.el5_2.2z set to be updated
---> Package bind-libs.i386 30:9.3.4-6.0.2.P1.el5_2 set to be updated
---> Package nss_ldap.i386 0:253-13.el5_2.1 set to be updated
---> Package redhat-release-notes.i386 0:5Server-15 set to be updated
---> Package Deployment_Guide-en-US.noarch 0:5.2-11 set to be updated
---> Package nfs-utils.i386 1:1.0.9-35z.el5_2 set to be updated
---> Package bluez-utils.i386 0:3.7-2.2 set to be updated
---> Package tzdata.noarch 0:2008b-3.el5 set to be updated
---> Package nspr.i386 0:4.7.1-1.el5 set to be updated
---> Package ipsec-tools.i386 0:0.6.5-9.el5_2.1 set to be updated
---> Package dhcpv6-client.i386 0:1.0.10-4.el5_2.2 set to be updated
---> Package yum-rhn-plugin.noarch 0:0.5.3-6.el5_2.6 set to be updated
---> Package kernel.i686 0:2.6.18-92.1.6.el5 set to be installed
---> Package vim-enhanced.i386 2:7.0.109-4.el5_2.2z set to be updated
---> Package nss-tools.i386 0:3.12.0.3-1.el5 set to be updated
---> Package bluez-libs.i386 0:3.7-1.1 set to be updated
---> Package vim-common.i386 2:7.0.109-4.el5_2.2z set to be updated
---> Package selinux-policy.noarch 0:2.4.6-137.1.el5_2 set to be updated
---> Package perl.i386 4:5.8.8-10.el5_2.3 set to be updated
---> Package net-snmp-libs.i386 1:5.3.1-24.el5_2.1 set to be updated
---> Package gnutls.i386 0:1.4.1-3.el5_1 set to be updated
---> Package bind-utils.i386 30:9.3.4-6.0.2.P1.el5_2 set to be updated
---> Package nss.i386 0:3.12.0.3-1.el5 set to be updated
---> Package openldap.i386 0:2.3.27-8.el5_2.4 set to be updated
---> Package yum.noarch 0:3.2.8-9.el5_2.1 set to be updated
---> Package selinux-policy-targeted.noarch 0:2.4.6-137.1.el5_2 set to be updated
---> Package cups.i386 1:1.2.4-11.18.el5_2.1 set to be updated
--> Processing Dependency: cups-libs = 1:1.2.4-0 for package: cups
---> Package freetype.i386 0:2.2.1-20.el5_2 set to be updated
--> Processing Conflict: ecryptfs-utils conflicts kernel < 2.6.18-61
--> Finished Dependency Resolution
Error: Missing Dependency: cups-libs = 1:1.2.4-0 is needed by package cups
Error: ecryptfs-utils conflicts with kernel < 2.6.18-61
[root@fjs-0-12 ~]# yum list-security
Loading "security" plugin
Loading "rhnplugin" plugin
rhel-i386-server-5        100% |=========================| 1.2 kB    00:00     
updateinfo.xml.gz         100% |=========================| 401 kB    00:00     
Traceback (most recent call last):
  File "/usr/bin/yum", line 29, in ?
    yummain.main(sys.argv[1:])
  File "/usr/share/yum-cli/yummain.py", line 105, in main
    result, resultmsgs = base.doCommands()
  File "/usr/share/yum-cli/cli.py", line 293, in doCommands
    return self.yum_cli_commands[self.basecmd].doCommand(self, self.basecmd, self.extcmds)
  File "/usr/lib/yum-plugins/security.py", line 187, in doCommand
    md_info = ysp_gen_metadata(self)
  File "/usr/lib/yum-plugins/security.py", line 59, in ysp_gen_metadata
    md_info.add(repo)
  File "/usr/lib/python2.4/site-packages/yum/update_md.py", line 272, in add
    for event, elem in iterparse(infile):
  File "<string>", line 64, in __iter__
SyntaxError: not well-formed (invalid token): line 18012, column 70
[root@fjs-0-12 ~]# rm -Rf /var/cache/rh
[root@fjs-0-12 ~]# yum clean all
Loading "security" plugin
Loading "rhnplugin" plugin
Cleaning up Everything
[root@fjs-0-12 ~]# rm -Rf /var/cache/
coolkey/    cups/       fontconfig/ logwatch/   man/        yum/
[root@fjs-0-12 ~]# rm -Rf /var/cache/yum/

Error: Cannot retrieve repository metadata (repomd.xml) for repository: rhel-i386-server-5. Please verify its path and try again
[root@fjs-0-12 ~]# rhnreg_ks --username=admin --pass=dog8code --serverUrl=http://rlx-2-20.rhndev.redhat.com/XMLRPC --force
[root@fjs-0-12 ~]# yum update
Loading "security" plugin
Loading "rhnplugin" plugin
rhel-i386-server-5        100% |=========================| 1.2 kB    00:00     
primary.xml.gz            100% |=========================| 1.5 MB    00:00     
rhel-i386-: ################################################## 4286/4286
Skipping security plugin, no data
Setting up Update Process
Resolving Dependencies
Skipping security plugin, no data
--> Running transaction check
---> Package cups-libs.i386 1:1.2.4-11.18.el5_2.1 set to be updated
---> Package vim-minimal.i386 2:7.0.109-4.el5_2.2z set to be updated
---> Package bind-libs.i386 30:9.3.4-6.0.2.P1.el5_2 set to be updated
---> Package nss_ldap.i386 0:253-13.el5_2.1 set to be updated
---> Package redhat-release-notes.i386 0:5Server-15 set to be updated
---> Package Deployment_Guide-en-US.noarch 0:5.2-11 set to be updated
---> Package nfs-utils.i386 1:1.0.9-35z.el5_2 set to be updated
---> Package bluez-utils.i386 0:3.7-2.2 set to be updated
---> Package tzdata.noarch 0:2008b-3.el5 set to be updated
---> Package nspr.i386 0:4.7.1-1.el5 set to be updated
---> Package ipsec-tools.i386 0:0.6.5-9.el5_2.1 set to be updated
---> Package dhcpv6-client.i386 0:1.0.10-4.el5_2.2 set to be updated
---> Package yum-rhn-plugin.noarch 0:0.5.3-6.el5_2.6 set to be updated
---> Package kernel.i686 0:2.6.18-92.1.6.el5 set to be installed
---> Package vim-enhanced.i386 2:7.0.109-4.el5_2.2z set to be updated
---> Package nss-tools.i386 0:3.12.0.3-1.el5 set to be updated
---> Package bluez-libs.i386 0:3.7-1.1 set to be updated
---> Package vim-common.i386 2:7.0.109-4.el5_2.2z set to be updated
---> Package selinux-policy.noarch 0:2.4.6-137.1.el5_2 set to be updated
---> Package perl.i386 4:5.8.8-10.el5_2.3 set to be updated
---> Package net-snmp-libs.i386 1:5.3.1-24.el5_2.1 set to be updated
---> Package gnutls.i386 0:1.4.1-3.el5_1 set to be updated
---> Package bind-utils.i386 30:9.3.4-6.0.2.P1.el5_2 set to be updated
---> Package nss.i386 0:3.12.0.3-1.el5 set to be updated
---> Package openldap.i386 0:2.3.27-8.el5_2.4 set to be updated
---> Package yum.noarch 0:3.2.8-9.el5_2.1 set to be updated
---> Package selinux-policy-targeted.noarch 0:2.4.6-137.1.el5_2 set to be updated
---> Package cups.i386 1:1.2.4-11.18.el5_2.1 set to be updated
---> Package freetype.i386 0:2.2.1-20.el5_2 set to be updated
--> Finished Dependency Resolution

Dependencies Resolved

=============================================================================
 Package                 Arch       Version          Repository        Size 
=============================================================================
Installing:
 kernel                  i686       2.6.18-92.1.6.el5  rhel-i386-server-5   14 M
Updating:
 Deployment_Guide-en-US  noarch     5.2-11           rhel-i386-server-5  3.5 M
 bind-libs               i386       30:9.3.4-6.0.2.P1.el5_2  rhel-i386-server-5  846 k
 bind-utils              i386       30:9.3.4-6.0.2.P1.el5_2  rhel-i386-server-5  166 k
 bluez-libs              i386       3.7-1.1          rhel-i386-server-5   55 k
 bluez-utils             i386       3.7-2.2          rhel-i386-server-5  346 k
 cups                    i386       1:1.2.4-11.18.el5_2.1  rhel-i386-server-5  2.7 M
 cups-libs               i386       1:1.2.4-11.18.el5_2.1  rhel-i386-server-5  181 k
 dhcpv6-client           i386       1.0.10-4.el5_2.2  rhel-i386-server-5  121 k
 freetype                i386       2.2.1-20.el5_2   rhel-i386-server-5  313 k
 gnutls                  i386       1.4.1-3.el5_1    rhel-i386-server-5  350 k
 ipsec-tools             i386       0.6.5-9.el5_2.1  rhel-i386-server-5  351 k
 net-snmp-libs           i386       1:5.3.1-24.el5_2.1  rhel-i386-server-5  1.2 M
 nfs-utils               i386       1:1.0.9-35z.el5_2  rhel-i386-server-5  378 k
 nspr                    i386       4.7.1-1.el5      rhel-i386-server-5  119 k
 nss                     i386       3.12.0.3-1.el5   rhel-i386-server-5  1.1 M
 nss-tools               i386       3.12.0.3-1.el5   rhel-i386-server-5  2.2 M
 nss_ldap                i386       253-13.el5_2.1   rhel-i386-server-5  1.4 M
 openldap                i386       2.3.27-8.el5_2.4  rhel-i386-server-5  288 k
 perl                    i386       4:5.8.8-10.el5_2.3  rhel-i386-server-5   12 M
 redhat-release-notes    i386       5Server-15       rhel-i386-server-5  1.9 M
 selinux-policy          noarch     2.4.6-137.1.el5_2  rhel-i386-server-5  382 k
 selinux-policy-targeted  noarch     2.4.6-137.1.el5_2  rhel-i386-server-5  911 k
 tzdata                  noarch     2008b-3.el5      rhel-i386-server-5  753 k
 vim-common              i386       2:7.0.109-4.el5_2.2z  rhel-i386-server-5  6.5 M
 vim-enhanced            i386       2:7.0.109-4.el5_2.2z  rhel-i386-server-5  1.3 M
 vim-minimal             i386       2:7.0.109-4.el5_2.2z  rhel-i386-server-5  313 k
 yum                     noarch     3.2.8-9.el5_2.1  rhel-i386-server-5  582 k
 yum-rhn-plugin          noarch     0.5.3-6.el5_2.6  rhel-i386-server-5   54 k

Transaction Summary
=============================================================================
Install      1 Package(s)         
Update      28 Package(s)         
Remove       0 Package(s)         

Total download size: 54 M
Is this ok [y/N]: Exiting on user Command
Complete!
[root@fjs-0-12 ~]# yum list-security
Loading "security" plugin
Loading "rhnplugin" plugin
rhel-i386-server-5        100% |=========================| 1.2 kB    00:00     
updateinfo.xml.gz         100% |=========================| 401 kB    00:00     
RHBA-2008:0551-3 bugfix   Deployment_Guide-en-US - 5.2-11.noarch
RHSA-2008:0498-3 security cups - 1:1.2.4-11.18.el5_2.1.i386
RHSA-2008:0498-3 security cups-libs - 1:1.2.4-11.18.el5_2.1.i386
RHBA-2008:0526-6 bugfix   dhcpv6-client - 1.0.10-4.el5_2.2.i386
RHSA-2008:0556-8 security freetype - 2.2.1-20.el5_2.i386
RHSA-2008:0489-1 security gnutls - 1.4.1-3.el5_1.i386
RHBA-2008:0513-2 bugfix   ipsec-tools - 0.6.5-9.el5_2.1.i386
RHSA-2008:0519-24 security kernel - 2.6.18-92.1.6.el5.i686
RHSA-2008:0529-4 security net-snmp-libs - 1:5.3.1-24.el5_2.1.i386
RHSA-2008:0486-4 security nfs-utils - 1:1.0.9-35z.el5_2.i386
RHBA-2008:0557-2 bugfix   nspr - 4.7.1-1.el5.i386
RHBA-2008:0557-2 bugfix   nss - 3.12.0.3-1.el5.i386
RHBA-2008:0557-2 bugfix   nss-tools - 3.12.0.3-1.el5.i386
RHBA-2008:0611-3 bugfix   nss_ldap - 253-13.el5_2.1.i386
RHSA-2008:0522-4 security perl - 4:5.8.8-10.el5_2.3.i386
RHBA-2008:0278-5 bugfix   redhat-release-notes - 5Server-15.i386
RHEA-2008:0506-5 enhancement tzdata - 2008b-3.el5.noarch
RHSA-2008:0580-3 security vim-common - 2:7.0.109-4.el5_2.2z.i386
RHSA-2008:0580-3 security vim-enhanced - 2:7.0.109-4.el5_2.2z.i386
RHSA-2008:0580-3 security vim-minimal - 2:7.0.109-4.el5_2.2z.i386
RHBA-2008:0487-2 bugfix   yum - 3.2.8-9.el5_2.1.noarch
RHBA-2008:0488-2 bugfix   yum-rhn-plugin - 0.5.3-6.el5_2.6.noarch
list-security done
[root@fjs-0-12 ~]#
Comment 10 wes hayutin 2008-11-18 11:07:15 EST
testing 5.1

[root@fjs-0-12 ~]# yum list-security
Loading "security" plugin
Loading "rhnplugin" plugin
rhel-i386-server-5        100% |=========================| 1.4 kB    00:00     
Traceback (most recent call last):
  File "/usr/bin/yum", line 29, in ?
    yummain.main(sys.argv[1:])
  File "/usr/share/yum-cli/yummain.py", line 105, in main
    result, resultmsgs = base.doCommands()
  File "/usr/share/yum-cli/cli.py", line 293, in doCommands
    return self.yum_cli_commands[self.basecmd].doCommand(self, self.basecmd, self.extcmds)
  File "/usr/lib/yum-plugins/security.py", line 187, in doCommand
    md_info = ysp_gen_metadata(self)
  File "/usr/lib/yum-plugins/security.py", line 59, in ysp_gen_metadata
    md_info.add(repo)
  File "/usr/lib/python2.4/site-packages/yum/update_md.py", line 272, in add
    for event, elem in iterparse(infile):
  File "<string>", line 64, in __iter__
SyntaxError: not well-formed (invalid token): line 18012, column 70
[root@fjs-0-12 ~]# rm -Rf /var/cache/yum/
[root@fjs-0-12 ~]# yum list-security
Loading "security" plugin
Loading "rhnplugin" plugin
rhel-i386-server-5        100% |=========================| 1.4 kB    00:00     
primary.xml.gz            100% |=========================| 1.5 MB    00:00     
rhel-i386-: ################################################## 4286/4286
updateinfo.xml.gz         100% |=========================| 401 kB    00:00     
Traceback (most recent call last):
  File "/usr/bin/yum", line 29, in ?
    yummain.main(sys.argv[1:])
  File "/usr/share/yum-cli/yummain.py", line 105, in main
    result, resultmsgs = base.doCommands()
  File "/usr/share/yum-cli/cli.py", line 293, in doCommands
    return self.yum_cli_commands[self.basecmd].doCommand(self, self.basecmd, self.extcmds)
  File "/usr/lib/yum-plugins/security.py", line 187, in doCommand
    md_info = ysp_gen_metadata(self)
  File "/usr/lib/yum-plugins/security.py", line 59, in ysp_gen_metadata
    md_info.add(repo)
  File "/usr/lib/python2.4/site-packages/yum/update_md.py", line 272, in add
    for event, elem in iterparse(infile):
  File "<string>", line 64, in __iter__
SyntaxError: not well-formed (invalid token): line 18012, column 70

[root@fjs-0-12 ~]# yum list-security
Loading "security" plugin
Loading "rhnplugin" plugin
rhel-i386-server-5        100% |=========================| 1.4 kB    00:00     
updateinfo.xml.gz         100% |=========================| 401 kB    00:00     
RHBA-2008:0551-3 bugfix   Deployment_Guide-en-US - 5.2-11.noarch
RHSA-2008:0498-3 security cups - 1:1.2.4-11.18.el5_2.1.i386
RHSA-2008:0498-3 security cups-libs - 1:1.2.4-11.18.el5_2.1.i386
RHBA-2008:0526-6 bugfix   dhcpv6-client - 1.0.10-4.el5_2.2.i386
RHSA-2008:0556-8 security freetype - 2.2.1-20.el5_2.i386
RHSA-2008:0489-1 security gnutls - 1.4.1-3.el5_1.i386
RHBA-2008:0513-2 bugfix   ipsec-tools - 0.6.5-9.el5_2.1.i386
RHSA-2008:0519-24 security kernel - 2.6.18-92.1.6.el5.i686
RHSA-2008:0529-4 security net-snmp-libs - 1:5.3.1-24.el5_2.1.i386
RHSA-2008:0486-4 security nfs-utils - 1:1.0.9-35z.el5_2.i386
RHBA-2008:0557-2 bugfix   nspr - 4.7.1-1.el5.i386
RHBA-2008:0557-2 bugfix   nss - 3.12.0.3-1.el5.i386
RHBA-2008:0557-2 bugfix   nss-tools - 3.12.0.3-1.el5.i386
RHBA-2008:0611-3 bugfix   nss_ldap - 253-13.el5_2.1.i386
RHSA-2008:0522-4 security perl - 4:5.8.8-10.el5_2.3.i386
RHBA-2008:0278-5 bugfix   redhat-release-notes - 5Server-15.i386
RHEA-2008:0506-5 enhancement tzdata - 2008b-3.el5.noarch
RHSA-2008:0580-3 security vim-common - 2:7.0.109-4.el5_2.2z.i386
RHSA-2008:0580-3 security vim-enhanced - 2:7.0.109-4.el5_2.2z.i386
RHSA-2008:0580-3 security vim-minimal - 2:7.0.109-4.el5_2.2z.i386
RHBA-2008:0487-2 bugfix   yum - 3.2.8-9.el5_2.1.noarch
RHBA-2008:0488-2 bugfix   yum-rhn-plugin - 0.5.3-6.el5_2.6.noarch
list-security done
[root@fjs-0-12 ~]# cat /etc/sysconfig/rhn/up2date | grep server
serverURL[comment]=Remote server URL
serverURL=http://rhndev2.z900.redhat.com/XMLRPC

before and after errata install on server
Comment 11 wes hayutin 2008-11-18 17:03:20 EST
pup is also working fine now..
Comment 13 wes hayutin 2008-12-05 14:29:22 EST
release pending
Comment 14 errata-xmlrpc 2008-12-08 17:01:37 EST
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on therefore solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHBA-2008-1005.html

Note You need to log in before you can comment on or make changes to this bug.