Component: pirut Summary: TB9536d0ca <string>:64:__iter__:SyntaxError: mismatched tag: line 87770, column 8 Traceback (most recent call last): File "/usr/sbin/pup", line 617, in ? main() File "/usr/sbin/pup", line 613, in main pup.run() File "/usr/sbin/pup", line 451, in run self.doRefresh() File "/usr/sbin/pup", line 291, in doRefresh self.populateUpdates() File "/usr/sbin/pup", line 347, in populateUpdates self.updateMetadata.add(repo) File "/usr/lib/python2.4/site-packages/yum/update_md.py", line 272, in add for event, elem in iterparse(infile): File "<string>", line 64, in __iter__ SyntaxError: mismatched tag: line 87770, column 8 Local variables in innermost frame: b: <TreeBuilder object at 0xaa5d608> self: <iterparse object at 0xafc8e8c> event: ('end', <Element 'sum' at 0xd25ad58>) p: <XMLParser object at 0xb184f50> data: </package> <package name="net-snmp-libs" version="5.3.1" release="24.el5_2.2" epoch="1" arch="s390" src="net-snmp-5.3.1-24.el5_2.2.src.rpm"> <filename>net-snmp-libs-5.3.1-24.el5_2.2.s390.rpm</filename> <sum type="md5">26ea8eb65e5d62a18b43558a408c1927</sum> </package> <package name="net-snmp-utils" version="5.3.1" release="24.el5_2.2" epoch="1" arch="s390x" src="net-snmp-5.3.1-24.el5_2.2.src.rpm"> <filename>net-snmp-utils-5.3.1-24.el5_2.2.s390x.rpm</filename> <sum type="md5">13a6f808d04c0a72b3a2da076f35e887</sum> </package> <package name="net-snmp-devel" version="5.3.1" release="24.el5_2.2" epoch="1" arch="s390x" src="net-snmp-5.3.1-24.el5_2.2.src.rpm"> <filename>net-snmp-devel-5.3.1-24.el5_2.2.s390x.rpm</filename> <sum type="md5">018ddfdc5b25aa7d9a0e685947ce640f</sum> </package> <package name="net-snmp-devel" version="5.3.1" release="24.el5_2.2" epoch="1" arch="s390" src="net-snmp-5.3.1-24.el5_2.2.src.rpm"> <filename>net-snmp-devel-5.3.1-24.el5_2.2.s390.rpm</filename> <sum type="md5">f872ea2c2eda65e096ef0a0a013fed4a</sum> </package> <package name="net-snmp-libs" version="5.3.1" release="24.el5_2.2" epoch="1" arch="s390x" src="net-snmp-5.3.1-24.el5_2.2.src.rpm"> <filename>net-snmp-libs-5.3.1-24.el5_2.2.s390x.rpm</filename> <sum type="md5">44debe82de6508cea1f36fd7a0280c12</sum> </package> <package name="net-snmp-perl" version="5.3.1" release="24.el5_2.2" epoch="1" arch="s390x" src="net-snmp-5.3.1-24.el5_2.2.src.rpm"> <filename>net-snmp-perl-5.3.1-24.el5_2.2.s390x.rpm</filename> <sum type="md5">6076418d174f7ea5532386c351a89218</sum> </package> <package name="net-snmp" version="5.3.1" release="24.el5_2.2" epoch="1" arch="s390x" src="net-snmp-5.3.1-24.el5_2.2.src.rpm"> <filename>net-snmp-5.3.1-24.el5_2.2.s390x.rpm</filename> <sum type="md5">4d994e2d8b9bc082c6d57e2f973985e3</sum> </package> </collection> </pkglist> </update> <update from="security" status="final" type="security" version="13"> <id>RHSA-2008:0957-13</id> <title>RHSA-2008:0957</title> <issued date="2008-11-04 00:00:00"/> <updated date="2008-11-04 00:00:00"/> <description>Important: kernel security and bug fix update The kernel packages contain the Linux kernel, the core of any Linux operating system. * the Xen implementation did not prevent applications running in a para-virtualized guest from modifying CR4 TSC. This could cause a local denial of service. (CVE-2007-5907, Important) * Tavis Ormandy reported missing boundary checks in the Virtual Dynamic Shared Objects (vDSO) implementation. This could allow a local unprivileged user to cause a denial of service or escalate privileges. (CVE-2008-3527, Important) * the do_truncate() and generic_file_splice_write() functions did not clear the setuid and setgid bits. This could allow a local unprivileged user to obtain access to privileged information. (CVE-2008-4210, CVE-2008-3833, Important) * a flaw was found in the Linux kernel splice implementation. This could cause a local denial of service when there is a certain failure in the add_to_page_cache_lru() function. (CVE-2008-4302, Important) * a flaw was found in the Linux kernel when running on AMD64 systems. During a context switch, EFLAGS were being neither saved nor restored. This could allow a local unprivileged user to cause a denial of service. (CVE-2006-5755, Low) * a flaw was found in the Linux kernel virtual memory implementation. This could allow a local unprivileged user to cause a denial of service. (CVE-2008-2372, Low) * an integer overflow was discovered in the Linux kernel Datagram Congestion Control Protocol (DCCP) implementation. This could allow a remote attacker to cause a denial of service. By default, remote DCCP is blocked by SELinux. (CVE-2008-3276, Low) In addition, these updated packages fix the following bugs: * random32() seeding has been improved. * in a multi-core environment, a race between the QP async event-handler and the destro_qp() function could occur. This led to unpredictable results during invalid memory access, which could lead to a kernel crash. * a format string was omitted in the call to the request_module() function. * a stack overflow caused by an infinite recursion bug in the binfmt_misc kernel module was corrected. * the ata_scsi_rbuf_get() and ata_scsi_rbuf_put() functions now check for scatterlist usage before calling kmap_atomic(). * a sentinel NUL byte was added to the device_write() function to ensure that lspace.name is NUL-terminated. * in the character device driver, a range_is_allowed() check was added to the read_mem() and write_mem() functions. It was possible for an illegitimate application to bypass these checks, and access /dev/mem beyond the 1M limit by calling mmap_mem() instead. Also, the parameters of range_is_allowed() were changed to cleanly handle greater than 32-bits of physical address on 32-bit architectures. * some of the newer Nehalem-based systems declare their CPU DSDT entries as type "Alias". During boot, this caused an "Error attaching device data" message to be logged. * the evtchn event channel device lacked locks and memory barriers. This has led to xenstore becoming unresponsive on the Itanium® architecture. * sending of gratuitous ARP packets in the Xen frontend network driver is now delayed until the backend signals that its carrier status has been processed by the stack. * on forcedeth devices, whenever setting ethtool parameters for link speed, the device could stop receiving interrupts. * the CIFS 'forcedirectio' option did not allow text to be appended to files. * the gettimeofday() function returned a backwards time on Intel® 64. * residual-count corrections during UNDERRUN handling were added to the qla2xxx driver. * the fix for a small quirk was removed for certain Adaptec controllers for which it caused problems. * the "xm trigger init" command caused a domain panic if a userland application was running on a guest on the Intel® 64 architecture. Users of kernel should upgrade to these updated packages, which contain backported patches to correct these issues. </description> <references> <reference href="http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4302" id="CVE-2008-4302" type="cve"> </reference> <reference href="http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3276" id="CVE-2008-3276" type="cve"> </reference> <reference href="http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4210" id="CVE-2008-4210" type="cve"> </reference> <reference href="http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5907" id="CVE-2007-5907" type="cve"> </reference> <reference href="http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3833" id="CVE-2008-3833" type="cve"> </reference> <reference href="http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5755" id="CVE-2006-5755" type="cve"> </reference> <reference href="http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3527" id="CVE-2008-3527" type="cve"> </reference> <reference href="http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2372" id="CVE-2008-2372" type="cve"> </reference> <reference href="http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=377561" id="377561" type="bugzilla"> ['CVE-2007-5907 kernel-xen 3.1.1 does not prevent modification of the CR4 TSC from applications (DoS possible)'] </reference> <reference href="http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=452666" id="452666" type="bugzilla"> ["CVE-2008-2372 kernel: Reinstate ZERO_PAGE optimization in 'get_user_pages()' and fix XIP"] </reference> <reference href="http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=457718" id="457718" type="bugzilla"> ['CVE-2006-5755 kernel: local denial of service due to NT bit leakage'] </reference> <reference href="http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=458021" id="458021" type="bugzilla"> ['kernel: random32: seeding improvement [rhel-5.2.z]'] </reference> <reference href="http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=458759" id="458759" type="bugzilla"> ['kernel: dlm: dlm/user.c input validation fixes [rhel-5.2.z]'] </reference> <reference href="http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=458781" id="458781" type="bugzilla"> ['LTC44618-Race possibility between QP async handler and destroy_qp()'] </reference> <reference href="http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=459226" id="459226" type="bugzilla"> ['CVE-2008-3276 Linux kernel dccp_setsockopt_change() integer overflow'] </reference> <reference href="http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=459461" id="459461" type="bugzilla"> ['kernel: cpufreq: fix format string bug [rhel-5.2.z]'] </reference> <reference href="http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=459464" id="459464" type="bugzilla"> ['kernel: binfmt_misc.c: avoid potential kernel stack overflow [rhel-5.2.z]'] </reference> <reference href="http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=460251" id="460251" type="bugzilla"> ['CVE-2008-3527 kernel: missing boundary checks in syscall/syscall32_nopage()'] </reference> <reference href="http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=460638" id="460638" type="bugzilla"> ['[REG][5.3] The system crashed by the NULL pointer access with kmap_atomic() of ata_scsi_rbuf_get().'] </reference> <reference href="http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=460858" id="460858" type="bugzilla"> ['kernel: devmem: add range_is_allowed() check to mmap_mem() [rhel-5.2.z]'] </reference> <reference href="http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=460868" id="460868" type="bugzilla"> ['RHEL5.2 ACPI core bug'] </reference> <reference href="http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=461099" id="461099" type="bugzilla"> ['evtchn device lacks lock and barriers'] </reference> <reference href="http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=461457" id="461457" type="bugzilla"> ['Coordinate gratuitous ARP with backend network status'] </reference> <reference href="http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=461894" id="461894" type="bugzilla"> ['nVidia MCP55 MCP55 Ethernet (rev a3) not functional on kernel 2.6.18-53.1.4'] </reference> <reference href="http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=462434" id="462434" type="bugzilla"> ['CVE-2008-4302 kernel: splice: fix bad unlock_page() in error case'] </reference> <reference href="http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=462591" id="462591" type="bugzilla"> ['CIFS option forcedirectio fails to allow the appending of text to files.'] </reference> <reference href="http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=462860" id="462860" type="bugzilla"> ['RHEL5.3: Fix time of gettimeofday() going backward (EM64T) (*)'] </reference> <reference href="http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=463661" id="463661" type="bugzilla"> ["CVE-2008-4210 kernel: open() call allows setgid bit when user is not in new file's group"] </reference> <reference href="http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=464450" id="464450" type="bugzilla"> ['CVE-2008-3833 kernel: remove SUID when splicing into an inode'] </reference> <reference href="http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=465741" id="465741" type="bugzilla"> ['[QLogic 5.2.z bug] qla2xxx - Additional residual-count corrections during UNDERRUN handling.'] </reference> <reference href="http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=466427" id="466427" type="bugzilla"> ['Significant regression in time() performance'] </reference> <reference href="http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=466885" id="466885" type="bugzilla"> ['[aacraid 5.2.z] aac_srb: aac_fib_send failed with status 8195'] </reference> <reference href="http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=467105" id="467105" type="bugzilla"> ['xm trigger <domain> init causes kernel panic.'] </reference> </references> <pkglist> <collection short="rhel-i386-server-5"> <name>Red Hat Enterprise Linux (v. 5 for 32-bit x86)</name> <package name="kernel-doc" version="2.6.18" release="92.1.17.el5" epoch="0" arch="noarch" src="kernel-2.6.18-92.1.17.el5.src.rpm"> <filename>kernel-doc-2.6.18-92.1.17.el5.noarch.rpm</filename> <sum type="md5">dce0b49e0539f85ff414b638c3bb1ff1</sum> </package> <package name="kernel-devel" version="2.6.18" release="92.1.17.el5" epoch="0" arch="ppc64" src="kernel-2.6.18-92.1.17.el5.src.rpm"> <filename>kernel-devel-2.6.18-92.1.17.el5.ppc64.rpm</filename> <sum type="md5">2ad29780a9f28f604512477401af2802</sum> </package> <package name="kernel-headers" version="2.6.18" release="92.1.17.el5" epoch="0" arch="ppc64" src="kernel-2.6.18-92.1.17.el5.src.rpm"> <filename>kernel-headers-2.6.18-92.1.17.el5.ppc64.rpm</filename> <sum type="md5">ac4f7f8762ee5ac1a9f797df63146669</sum> </package> <package name="kernel-kdump" version="2.6.18" release="92.1.17.el5" epoch="0" arch="ppc64" src="kernel-2.6.18-92.1.17.el5.src.rpm"> <filename>kernel-kdump-2.6.18-92.1.17.el5.ppc64.rpm</filename> <sum type="md5">5899c83dbf2532615cd4d91eec0f676c</sum> </package> <package name="kernel-debug" version="2.6.18" release="92.1.17.el5" epoch="0" arch="ppc64" src="kernel-2.6.18-92.1.17.el5.src.rpm"> <filename>kernel-debug-2.6.18-92.1.17.el5.ppc64.rpm</filename> <sum type="md5">16d6436c1b55f5fef249fa901048609e</sum> </package> <package name="kernel-kdump-devel" version="2.6.18" release="92.1.17.el5" epoch="0" arch="ppc64" src="kernel-2.6.18-92.1.17.el5.src.rpm"> <filename>kernel-kdump-devel-2.6.18-92.1.17.el5.ppc64.rpm</filename> <sum type="md5">5097af7005a12746b0810c9e7938c572</sum> </package> <package name="kernel" version="2.6.18" release="92.1.17.el5" epoch="0" arch="ppc64" src="kernel-2.6.18-92.1.17.el5.src.rpm"> <filename>kernel-2.6.18-92.1.17.el5.ppc64.rpm</filename> <sum type="md5">af332abe693ec3ee26a036925b4341ad</sum> </package> <package name="kernel-debug-devel" version="2.6.18" release="92.1.17.el5" epoch="0" arch="ppc64" src="kernel-2.6.18-92.1.17.el5.src.rpm"> <filename>kernel-debug-devel-2.6.18-92.1.17.el5.ppc64.rpm</filename> <sum type="md5">d69bed24343deaeac28f8f46df745865</sum> </package> <package name="kernel-headers" version="2.6.18" release="92.1.17.el5" epoch="0" arch="ppc" src="kernel-2.6.18-92.1.17.el5.src.rpm"> <filename>kernel-headers-2.6.18-92.1.17.el5.ppc.rpm</filename> <sum type="md5">22c6defd169715598173b8795dc4b2e2</sum> </package> <package name="kernel-xen" version="2.6.18" release="92.1.17.el5" epoch="0" arch="i686" src="kernel-2.6.18-92.1.17.el5.src.rpm"> <filename>kernel-xen-2.6.18-92.1.17.el5.i686.rpm</filename> <sum type="md5">3cb42bda58a0d5acbb9f96c51ec0dc06</sum> </package> <package name="kernel-xen-devel" version="2.6.18" release="92.1.17.el5" epoch="0" arch="i686" src="kernel-2.6.18-92.1.17.el5.src.rpm"> <filename>kernel-xen-devel-2.6.18-92.1.17.el5.i686.rpm</filename> <sum type="md5">2bf48ab587a0eff39e51a3a199751a1c</sum> events: [('end', <Element 'package' at 0xd25ad28>), ('end', <Element 'filename' at 0xd25ad88>), ('end', <Element 'sum' at 0xd25ada0>), ('end', <Element 'package' at 0xd25ad70>), ('end', <Element 'filename' at 0xd25add0>), ('end', <Element 'sum' at 0xd25ade8>), ('end', <Element 'package' at 0xd25adb8>), ('end', <Element 'filename' at 0xd25ae18>), ('end', <Element 'sum' at 0xd25ae30>), ('end', <Element 'package' at 0xd25ae00>), ('end', <Element 'filename' at 0xd25ae60>), ('end', <Element 'sum' at 0xd25ae78>), ('end', <Element 'package' at 0xd25ae48>), ('end', <Element 'filename' at 0xd25aea8>), ('end', <Element 'sum' at 0xd25aec0>), ('end', <Element 'package' at 0xd25ae90>), ('end', <Element 'filename' at 0xd25aef0>), ('end', <Element 'sum' at 0xd25af08>), ('end', <Element 'package' at 0xd25aed8>), ('end', <Element 'filename' at 0xd25af38>), ('end', <Element 'sum' at 0xd25af50>), ('end', <Element 'package' at 0xd25af20>), ('end', <Element 'collection' at 0xd249578>), ('end', <Element 'pkglist' at 0xd249560>), ('end', <Element 'update' at 0xd249488>), ('end', <Element 'id' at 0xd25af80>), ('end', <Element 'title' at 0xd25af98>), ('end', <Element 'issued' at 0xd25afb0>), ('end', <Element 'updated' at 0xd25afc8>), ('end', <Element 'description' at 0xd25afe0>), ('end', <Element 'reference' at 0xd268038>), ('end', <Element 'reference' at 0xd268050>), ('end', <Element 'reference' at 0xd268068>), ('end', <Element 'reference' at 0xd268080>), ('end', <Element 'reference' at 0xd268098>), ('end', <Element 'reference' at 0xd2680b0>), ('end', <Element 'reference' at 0xd2680c8>), ('end', <Element 'reference' at 0xd2680e0>), ('end', <Element 'reference' at 0xd2680f8>), ('end', <Element 'reference' at 0xd268110>), ('end', <Element 'reference' at 0xd268128>), ('end', <Element 'reference' at 0xd268140>), ('end', <Element 'reference' at 0xd268158>), ('end', <Element 'reference' at 0xd268170>), ('end', <Element 'reference' at 0xd268188>), ('end', <Element 'reference' at 0xd2681a0>), ('end', <Element 'reference' at 0xd2681b8>), ('end', <Element 'reference' at 0xd2681d0>), ('end', <Element 'reference' at 0xd2681e8>), ('end', <Element 'reference' at 0xd268200>), ('end', <Element 'reference' at 0xd268218>), ('end', <Element 'reference' at 0xd268230>), ('end', <Element 'reference' at 0xd268248>), ('end', <Element 'reference' at 0xd268260>), ('end', <Element 'reference' at 0xd268278>), ('end', <Element 'reference' at 0xd268290>), ('end', <Element 'reference' at 0xd2682a8>), ('end', <Element 'reference' at 0xd2682c0>), ('end', <Element 'reference' at 0xd2682d8>), ('end', <Element 'reference' at 0xd2682f0>), ('end', <Element 'reference' at 0xd268308>), ('end', <Element 'reference' at 0xd268320>)]
*** This bug has been marked as a duplicate of bug 470142 ***