Created attachment 358718 [details] failed yum update --advisory Description of problem: I tried to use the yum-security plugin to selectively update recently pushed kde upgrades, i.e. "yum update --advisory FEDORA-2009-8368". The update fails after downloading packages, with some file conflicts (see attached). In each case, a file from an updated package conflicts with a file from an installed packages - but updates for the installed packages are available and are part of the same advisory. (See https://admin.fedoraproject.org/updates/F11/FEDORA-2009-8368 which lists kde-i18n and kdebase.) Version-Release number of selected component (if applicable): yum-3.2.23-3.fc11.noarch yum-utils-1.1.22-1.fc11.noarch Additional info: # yum list-security --advisory FEDORA-2009-8368 Loaded plugins: allowdowngrade, presto, refresh-packagekit, security FEDORA-2009-8368 enhancement PyKDE4-4.3.0-4.fc11.1.i586 FEDORA-2009-8368 enhancement PyQt4-4.5.4-1.fc11.i586 FEDORA-2009-8368 enhancement akonadi-1.2.0-1.fc11.i586 FEDORA-2009-8368 enhancement kde-l10n-British-4.3.0-1.fc11.noarch FEDORA-2009-8368 enhancement kde-plasma-stasks-0.5.1-6.fc11.i586 FEDORA-2009-8368 enhancement kdeartwork-4.3.0-2.fc11.i586 FEDORA-2009-8368 enhancement kdebase-runtime-4.3.0-4.fc11.i586 FEDORA-2009-8368 enhancement kdebase-runtime-libs-4.3.0-4.fc11.i586 FEDORA-2009-8368 enhancement kdebase-workspace-4.3.0-9.fc11.i586 FEDORA-2009-8368 enhancement kdebase-workspace-googlegadgets-4.3.0-9.fc11.i586 FEDORA-2009-8368 enhancement kdebase-workspace-libs-4.3.0-9.fc11.i586 FEDORA-2009-8368 enhancement kdepimlibs-4.3.0-2.fc11.i586 FEDORA-2009-8368 enhancement kdepimlibs-akonadi-4.3.0-2.fc11.i586 FEDORA-2009-8368 enhancement kdeplasma-addons-4.3.0-8.fc11.i586 FEDORA-2009-8368 enhancement kdm-4.3.0-9.fc11.i586 FEDORA-2009-8368 enhancement ksysguardd-4.3.0-9.fc11.i586 FEDORA-2009-8368 enhancement libmsn-4.0-0.12.beta7.fc11.i586 FEDORA-2009-8368 enhancement oxygen-icon-theme-4.3.0-1.fc11.noarch FEDORA-2009-8368 enhancement sip-4.8.2-1.fc11.i586 FEDORA-2009-8368 enhancement soprano-2.3.0-2.fc11.i586 FEDORA-2009-8368 enhancement strigi-libs-0.7.0-1.fc11.i586 yum info-security --advisory FEDORA-2009-8368 correctly lists all packages in the advisory.
There are two bugs here, neither of which are in yum. Bug 1. updateinfo.xml contains: <package arch="noarch" name="kde-i18n-British" release="9.fc11" src="[...]" version="3.5.10"> ...implying an epoch of 0, however kde-i18n-British has an epoch of 1. Bug 2. If there is a file conflicts between kde-l10n-British-4.3.0-1.fc11.noarch and kde-i18n-British-1:3.5.10-4.fc11.noarch (etc.) ... then those packages should have an explicit (versioned) conflicts. ...I'm going to move this one to bodhi (I think that's what creates the updateinfo.xml), as that's the bigger bug ... please open other ones for the kde packaging bugs.
I had bodhi add the epoch to the updateinfo in https://fedorahosted.org/bodhi/changeset/85ed47759f4cbc8cd1a770198e24ef584d43d3ce
(In reply to comment #1) > Bug 2. If there is a file conflicts between > kde-l10n-British-4.3.0-1.fc11.noarch and > kde-i18n-British-1:3.5.10-4.fc11.noarch (etc.) ... then those packages should > have an explicit (versioned) conflicts. Is that true even if a newer version of kde-i18n-British resolves the conflict? I tried to find mention of this in the packaging guidelines before filing the followup bugs, but came up blank.
*** Bug 520317 has been marked as a duplicate of this bug. ***
*** Bug 520328 has been marked as a duplicate of this bug. ***
in reply to comment #3 ... yes, you could have the conflicts there. Esp. so because with the conflicts yum will know to try and update the conflicting package, but without it it'll just die when rpm checks the files.
bah ... s/could/should/
Note that qt has an epoch, and is a security update. So anyone relying on "yum update --security" is currently not getting it because of this bug. So I'm uping the severity to hih.
Epochs have been getting injected into bodhi's updateinfo.xml for a while now. Eg: <package arch="i586" epoch="1" name="liferea" release="1.fc11" src="http://download.fedoraproject.org/pub/fedora/linux/updates/1/i586/liferea-1.6.0-1.fc11.i586.rpm" version="1.6.0"><filename>liferea-1.6.0-1.fc11.i586.rpm</filename></package>
Is this really fixed? Attached below are some logs from a recent kde 4.3.4 -> 4.3.5 update. It looks like epochs are not listed in the advisory - and packages with a non-zero epoch are not listed for update but only pulled in as dependencies.
Created attachment 390645 [details] yum info-updateinfo --advisory prior to transaction
Created attachment 390646 [details] output from yum update --advisory
Created attachment 390647 [details] output from "yum check-update | grep -i kd" after transaction
Epochs are in the updateinfo.xml, and have been for quite some time now. I'm re-assigning this bug to yum-utils, since it sounds like this could be an issue with the yum security plugin.
Downloading the latest updateinfo for F11 I get: <package arch="noarch" name="kde-i18n-Chinese-Big5" release="9.fc11" src ="http://download.fedoraproject.org/pub/fedora/linux/updates/1/i386/kde-i18n-Chi nese-Big5-3.5.10-9.fc11.noarch.rpm" version="3.5.10"> <package arch="x86_64" epoch="1" name="hpijs" release="1.fc11" src="http ://download.fedoraproject.org/pub/fedora/linux/updates/1/x86_64/hpijs-3.10.2-1.f c11.x86_64.rpm" version="3.10.2"> ...so yes, epochs are there for _some_ packages. But still not for kde-i18n-\*
Ah, you're right. I'm pretty sure I found and fixed the bug in bodhi's git. I'll get a new release out as soon as our infrastructure is unfrozen.
This message is a reminder that Fedora 11 is nearing its end of life. Approximately 30 (thirty) days from now Fedora will stop maintaining and issuing updates for Fedora 11. It is Fedora's policy to close all bug reports from releases that are no longer maintained. At that time this bug will be closed as WONTFIX if it remains open with a Fedora 'version' of '11'. Package Maintainer: If you wish for this bug to remain open because you plan to fix it in a currently maintained version, simply change the 'version' to a later Fedora version prior to Fedora 11's end of life. Bug Reporter: Thank you for reporting this issue and we are sorry that we may not be able to fix it before Fedora 11 is end of life. If you would still like to see this bug fixed and are able to reproduce it against a later version of Fedora please change the 'version' of this bug to the applicable version. If you are unable to change the version, please add a comment here and someone will do it for you. Although we aim to fix as many bugs as possible during every release's lifetime, sometimes those efforts are overtaken by events. Often a more recent Fedora release includes newer upstream software that fixes bugs or makes them obsolete. The process we are following is described here: http://fedoraproject.org/wiki/BugZappers/HouseKeeping
This message is a reminder that Fedora 12 is nearing its end of life. Approximately 30 (thirty) days from now Fedora will stop maintaining and issuing updates for Fedora 12. It is Fedora's policy to close all bug reports from releases that are no longer maintained. At that time this bug will be closed as WONTFIX if it remains open with a Fedora 'version' of '12'. Package Maintainer: If you wish for this bug to remain open because you plan to fix it in a currently maintained version, simply change the 'version' to a later Fedora version prior to Fedora 12's end of life. Bug Reporter: Thank you for reporting this issue and we are sorry that we may not be able to fix it before Fedora 12 is end of life. If you would still like to see this bug fixed and are able to reproduce it against a later version of Fedora please change the 'version' of this bug to the applicable version. If you are unable to change the version, please add a comment here and someone will do it for you. Although we aim to fix as many bugs as possible during every release's lifetime, sometimes those efforts are overtaken by events. Often a more recent Fedora release includes newer upstream software that fixes bugs or makes them obsolete. The process we are following is described here: http://fedoraproject.org/wiki/BugZappers/HouseKeeping
fixed in bodhi, I believe. closing