This request was evaluated by Red Hat Product Management for inclusion in a Red
Hat Enterprise Linux major release.  Product Management has requested further
review of this request by Red Hat Engineering, for potential inclusion in a Red
Hat Enterprise Linux Major release.  This request is not yet committed for
inclusion.

fixed in rawhide and built as acl-2.2.49-7.fc14

how to check:

$ rpm -q acl --requires | grep libacl' '

built as acl-2.2.49-4.el6

VERIFIED as fixed in acl-2.2.49-4.el6 in compose RHEL6.0-Snapshot-6:

[root@pogolinux-2 ~]# rpm -q acl
acl-2.2.49-4.el6.i686
[root@pogolinux-2 ~]# rpm -q acl --requires | grep libacl' '
libacl = 2.2.49-4.el6

Red Hat Enterprise Linux Beta 2 is now available and should resolve
the problem described in this bug report. This report is therefore being closed
with a resolution of CURRENTRELEASE. You may reopen this bug report if the
solution does not work for you.

acl-2.2.49-6.fc13 has been pushed to the Fedora 13 stable repository.  If problems still persist, please make note of it in this bug report.

Sorry to bring this up after the fact, but what is the reason for this change?  The acl package already depends on the libacl package through the automatically generated shared library dependencies, which are (on a RHEL6 x86_64 system):

    libacl.so.1()(64bit)
    libacl.so.1(ACL_1.0)(64bit)

I don't think there is a need to tie the acl and libacl packages together more firmly than that.

Andreas, the change has been recommended by our sanity checking tool for RHEL-6.  Would there be any considerable benefit if we leaved the dependency more untied?

I don't know, what is it that you are trying to achieve?  Somebody must have implemented this check for a reason.

In this particular case, the acl package also depends on the libattr shared library and package via libacl.  There is no explicit package dependency from either acl or libacl to libattr.  So again, what's the goal?

If you want all package dependencies to be explicit, then an easier way to achieve that would be to change rpm's find-requires script to generate those dependencies instead of generating shared library dependencies.  (Doing this sounds weird to me, though.)

Right, but libacl is a sub-package of acl, libattr is not.  We prefer sub-packages to be at the same version as the master package unless there is some reason to allow divergence.

E.g. the update system in Fedora suggests to update the acl package, even if the fix went actually to libacl.  Then if user really updates acl, he will most likely claim the bug is not fixed.  The added dependency forces also update of libacl in that case.  A similar confusion may happen on RHEL, if the user does not install all recommended updates for some reason.

Okay, that explains the idea is behind those dependencies, thanks for the explanation.

In that case it would make sense, IMHO, to encode this policy into rpm's find-requires script.  It can't be that hard to generate explicit package dependencies between binary packages built from the same spec file if there are shared library dependencies; rpm already figures out the shared library dependencies, anyway.

Sounds like a good idea.  I am only not sure how many packages would need to allow the divergence.  I'll clone the bug for rpm, in order to get it properly evaluated by rpm hackers.