Description of problem: My RHEL5 update doesn't work anymore due to the following crash in purit: ----------------------- Component: pirut Summary: TB9536d0ca <string>:64:__iter__:SyntaxError: mismatched tag: line 245, column 1388 Traceback (most recent call last): File "/usr/sbin/pup", line 617, in ? main() File "/usr/sbin/pup", line 613, in main pup.run() File "/usr/sbin/pup", line 451, in run self.doRefresh() File "/usr/sbin/pup", line 291, in doRefresh self.populateUpdates() File "/usr/sbin/pup", line 347, in populateUpdates self.updateMetadata.add(repo) File "/usr/lib/python2.4/site-packages/yum/update_md.py", line 376, in add for event, elem in iterparse(infile): File "<string>", line 64, in __iter__ SyntaxError: mismatched tag: line 245, column 1388 Local variables in innermost frame: b: <TreeBuilder object at 0x8fac5e0> self: <iterparse object at 0x8fd7dd0> event: ('end', <Element 'package' at 0x8b66870>) p: <XMLParser object at 0xa935090> data: .src.rpm"><filename>amanda-client-2.5.0p2-8.el5.x86_64.rpm</filename><sum type="md5">1ecfc639edb8e0f97114d9eead06dece</sum></package><package name="amanda" version="2.5.0p2" release="8.el5" epoch="0" arch="x86_64" src="amanda-2.5.0p2-8.el5.src.rpm"><filename>amanda-2.5.0p2-8.el5.x86_64.rpm</filename><sum type="md5">13b91f36162c170b7ddf7d4a021f2e82</sum></package></collection></pkglist></update><update from="security" status="final" type="security" version="2"><id>RHSA-2009:1321</id><title>Low: nfs-utils security and bug fix update</title><issued date="2009-09-02 03:02:33"/><updated date="2009-09-02 03:02:33"/><description>The nfs-utils package provides a daemon for the kernel NFS server and related tools. It was discovered that nfs-utils did not use tcp_wrappers correctly. Certain hosts access rules defined in "/etc/hosts.allow" and "/etc/hosts.deny" may not have been honored, possibly allowing remote attackers to bypass intended access restrictions. (CVE-2008-4552) This updated package also fixes the following bugs: * the "LOCKD_TCPPORT" and "LOCKD_UDPPORT" options in "/etc/sysconfig/nfs" were not honored: the lockd daemon continued to use random ports. With this update, these options are honored. (BZ#434795) * it was not possible to mount NFS file systems from a system that has the "/etc/" directory mounted on a read-only file system (this could occur on systems with an NFS-mounted root file system). With this update, it is possible to mount NFS file systems from a system that has "/etc/" mounted on a read-only file system. (BZ#450646) * arguments specified by "STATDARG=" in "/etc/sysconfig/nfs" were removed by the nfslock init script, meaning the arguments specified were never passed to rpc.statd. With this update, the nfslock init script no longer removes these arguments. (BZ#459591) * when mounting an NFS file system from a host not specified in the NFS server's "/etc/exports" file, a misleading "unknown host" error was logged on the server (the hostname lookup did not fail). With this update, a clearer error message is provided for these situations. (BZ#463578) * the nhfsstone benchmark utility did not work with NFS version 3 and 4. This update adds support to nhfsstone for NFS version 3 and 4. The new nhfsstone "-2", "-3", and "-4" options are used to select an NFS version (similar to nfsstat(8)). (BZ#465933) * the exportfs(8) manual page contained a spelling mistake, "djando", in the EXAMPLES section. (BZ#474848) * in some situations the NFS server incorrectly refused mounts to hosts that had a host alias in a NIS netgroup. (BZ#478952) * in some situations the NFS client used its cache, rather than using the latest version of a file or directory from a given export. This update adds a new mount option, "lookupcache=", which allows the NFS client to control how it caches files and directories. Note: The Red Hat Enterprise Linux 5.4 kernel update (the fourth regular update) must be installed in order to use the "lookupcache=" option. Also, "lookupcache=" is currently only available for NFS version 3. Support for NFS version 4 may be introduced in future Red Hat Enterprise Linux 5 updates. Refer to Red Hat Bugzilla #511312 for further information. (BZ#489335) Users of nfs-utils should upgrade to this updated package, which contains backported patches to correct these issues. After installing this update, the nfs service will be restarted automatically.</description><references><reference href="http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=434795" id="434795" type="bugzilla">['lockd not using settings in sysconfig/nfs']</reference><reference href="http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=450646" id="450646" type="bugzilla">['/sbin/mount.nfs fails with read-only /etc']</reference><reference href="http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=458676" id="458676" type="bugzilla">['CVE-2008-4552 nfs-utils: incorrect use of tcp_wrappers, causing hostname-based rules to be ignored']</reference><reference href="http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=459591" id="459591" type="bugzilla">['rpc.statd options not correctly parsed']</reference><reference href="http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=463578" id="463578" type="bugzilla">["confusing 'mount request from unknown host' messages"]</reference><reference href="http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=465933" id="465933" type="bugzilla">['nhfsstone does not support NFSv3 and v4']</reference><reference href="http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=474848" id="474848" type="bugzilla">['typo in exportfs manpage']</reference><reference href="http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=489335" id="489335" type="bugzilla">['Add support for lookupcache= option in nfs-utils.']</reference><reference href="http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=com.redhat.rhn.domain.errata.Cve@58125812" id="CVE-2008-4552" type="cve"/></references><pkglist><collection short="rhel-x86_64-client-5"><name>Red Hat Enterprise Linux Desktop (v. 5 for 64-bit x86_64)</name><package name="nfs-utils" version="1.0.9" release="42.el5" epoch="1" arch="x86_64" src="nfs-utils-1.0.9-42.el5.src.rpm"><filename>nfs-utils-1.0.9-42.el5.x86_64.rpm</filename><sum type="md5">68cb9f95fc5926e7053efaba90fbc273</sum></package></collection></pkglist></update><update from="security" status="final" type="bugfix" version="3"><id>RHBA-2009:1679</id><title>paps bug fix update</title><issued date="2009-12-16 00:00:00"/><updated date="2010-03-30 00:00:00"/><description>Paps reads UTF-8 encoded text files and renders them to a PostScript file. It uses the pango library to create the outline curves. The paps package also includes the libpaps library, which simplifies PostScript rendering for any pango-based applications (for example, programs that use the GTK+ widget toolkit). As well, paps is used as the CUPS text filter, allowing CUPS to handle UTF-8 encoded strings. This update addresses the following issue: * when paps was used as the CUPS text filter with a "wrap=false" parameter, paps did not honor the parameter: text was wrapped to fit the page despite the parameter instructing otherwise. Paps now calls pango's word wrap functions correctly and, consequently, honors this parameter as expected. (BZ#520590) All paps users should upgrade to this updated package, which resolve this issue.</description><references><reference href="http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=520590" id="520590" type="bugzilla">['texttopaps and wrap=false']</reference></references><pkglist><collection short="rhel-x86_64-client-5"><name>Red Hat Enterprise Linux Desktop (v. 5 for 64-bit x86_64)</name><package name="paps" version="0.6.6" release="19.el5" epoch="0" arch="x86_64" src="paps-0.6.6-19.el5.src.rpm"><filename>paps-0.6.6-19.el5.x86_64.rpm</filename><sum type="md5">e9709d894c4370fc68a80ca82a453d9a</sum></package></collection></pkglist></update><update from="security" status="final" type="security" version="4"><id>RHSA-2007:0724</id><title>Critical: firefox security update</title><issued date="2007-07-18 00:00:00"/><updated date="2007-12-04 00:00:00"/><description>Mozilla Firefox is an open source Web browser. Several flaws were found in the way Firefox processed certain malformed JavaScript code. A web page containing malicious JavaScript code could cause Firefox to crash or potentially execute arbitrary code as the user running Firefox. (CVE-2007-3734, CVE-2007-3735, CVE-2007-3737, CVE-2007-3738) Several content injection flaws were found in the way Firefox handled certain JavaScript code. A web page containing malicious JavaScript code could inject arbitrary content into other web pages. (CVE-2007-3736, CVE-2007-3089) A flaw was found in the way Firefox cached web pages on the local disk. A malicious web page may be able to inject arbitrary HTML into a browsing session if the user reloads a targeted site. (CVE-2007-3656) Users of Firefox are advised to upgrade to these erratum packages, which contain backported patches that correct these issues.</description><references><reference href="http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=248518" id="248518" type="bugzilla">['CVE-2007-3089 various flaws in mozilla products (CVE-2007-3734 CVE-2007-3735 CVE-2007-3736 CVE-2007-3737 CVE-2007-3656 CVE-2007-3738)']</reference><reference href="http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=com.redhat.rhn.domain.errata.Cve@42734273" id="CVE-2007-3656" type="cve"/><reference href="http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=com.redhat.rhn.domain.errata.Cve@58545854" id="CVE-2007-3734" type="cve"/><reference href="http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=com.redhat.rhn.domain.errata.Cve@69056905" id="CVE-2007-3738" type="cve"/><reference href="http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=com.redhat.rhn.domain.errata.Cve@47b547b5" id="CVE-2007-3737" type="cve"/><reference href="http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=com.redhat.rhn.domain.errata.Cve@4e8b4e8b" id="CVE-2007-3736" type="cve"/><reference href="http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=com.redhat.rhn.domain.errata.Cve@470d470d" id="CVE-2007-3089" type="cve"/><reference href="http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=com.redhat.rhn.domain.errata.Cve@54ce54ce" id="CVE-2007-3735" type="cve"/></references><pkglist><collection short="rhel-x86_64-client-5"><name>Red Hat Enterprise Linux Desktop (v. 5 for 64-bit x86_64)</name><package name="firefox" version="1.5.0.12" release="3.el5" epoch="0" arch="i386" src="firefox-1.5.0.12-3.el5.src.rpm"><filename>firefox-1.5.0.12-3.el5.i386.rpm</filename><sum type="md5">41f9235be61710608c049fed0c39ba19</sum></package><package name="firefox" version="1.5.0.12" release="3.el5" epoch="0" arch="x86_64" src="firefox-1.5.0.12-3.el5.src.rpm"><filename>firefox-1.5.0.12-3.el5.x86_64.rpm</filename><sum type="md5">5d2539b4e150e2ebea6c6304a4c08325</sum></package></collection></pkglist></update><update from="security" status="final" type="security" version="5"><id>RHSA-2008:0849</id><title>Important: ipsec-tools security update</title><issued date="2008-08-26 00:00:00"/><updated date="2008-08-26 00:00:00"/><description>The ipsec-tools package is used in conjunction with the IPsec functionality in the Linux kernel and includes racoon, an IKEv1 keying daemon. Two denial of service flaws were found in the ipsec-tools racoon daemon. It was possible for a remote attacker to cause the racoon daemon to consume all available memory. (CVE-2008-3651, CVE-2008-3652) Users of ipsec-tools should upgrade to this updated package, which contains backported patches that resolve these issues.</description><references><reference href="http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=456660" id="456660" type="bugzilla">['CVE-2008-3651 ipsec-tools: racoon memory leak caused by invalid proposals']</reference><reference href="http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=458846" id="458846" type="bugzilla">['CVE-2008-3652 ipsec-tools: racoon orphaned ph1s memory leak']</reference><reference href="http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=com.redhat.rhn.domain.errata.Cve@6cd36cd3" id="CVE-2008-3651" type="cve"/><reference href="http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=com.redhat.rhn.domain.errata.Cve@6c2b6c2b" id="CVE-2008-3652" type="cve"/></references><pkglist><collection short="rhel-x86_64-client-5"><name>Red Hat Enterprise Linux Desktop (v. 5 for 64-bit x86_64)</name><package name="ipsec-tools" version="0.6.5" release="9.el5_2.3" epoch="0" arch="x86_64" src="ipsec-tools-0.6.5-9.el5_2.3.src.rpm"><filename>ipsec-tools-0.6.5-9.el5_2.3.x86_64.rpm</filename><sum type="md5">2a8a07f1aa7da017f4ce8a7a8fae4305</sum></package></collection></pkglist></update><update from="security" status="final" type="bugfix" version="1"><id>RHBA-2009:1242</id><title>selinux-policy bug fix update</title><issued date="2009-09-02 03:02:33"/><updated date="2009-09-02 03:02:33"/><description>The selinux-policy packages contain the rules that govern how confined processes run on the system. These updated packages resolve several bugs in Security-Enhanced Linux (SELinux) policy as shipped with Red Hat Enterprise Linux 5. The majority of these bugs resulted in SELinux denying legitimate access. Refer to the Red Hat Enterprise Linux 5.4 Technical Notes for detailed documentation on the bug fixes applied by this update. A link to the section for this selinux-policy update is in the "References" below. All users are advised to upgrade to these updated packages, which resolve these issues.</description><references><reference href="http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=429726" id="429726" type="bugzilla">['Allow samba to change unix passwords']</reference><reference href="http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=475562" id="475562" type="bugzilla">['SELinux is preventing perl (logwatch_t) "write" to ./services (etc_t).']</reference><reference href="http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=477123" id="477123" type="bugzilla">['Typo errors in man pages']</reference><reference href="http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=479819" id="479819" type="bugzilla">['postgrey avc: denied socket connection']</reference><reference href="http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=480943" id="480943" type="bugzilla">['SELinux is preventing nm-system-setti after update to 5.3']</reference><reference href="http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=481387" id="481387" type="bugzilla">['selinux prevents "getattr" and "execute"']</reference><reference href="http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=481628" id="481628" type="bugzilla">['AVCs for system_dbusd_t -> [ hal_t, unconfined_t']</reference><reference href="http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=481706" id="481706" type="bugzilla">['SELinux is preventing automount (automount_t) "signal" to <Unknown> (mount_t).']</reference><reference href="http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=483173" id="483173" type="bugzilla">['SELinux prevents nm-system-setti (system_dbusd_t) "getsched"']</reference><reference href="http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=484146" id="484146" type="bugzilla">['setsebool -P samba_enable_home_dirs=1 is not completely effective.']</reference><reference href="http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=485078" id="485078" type="bugzilla">['Wrong security context for sysstat package']</reference><reference href="http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=485107" id="485107" type="bugzilla">['Cannot execute spamc from procmail']</reference><reference href="http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=485111" id="485111" type="bugzilla">["samba not able to access users' public_html directory"]</reference><reference href="http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=486187" id="486187" type="bugzilla">['RHEL-5.3 selinux-policy broke spamassassin']</reference><reference href="http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=486354" id="486354" type="bugzilla">['Cannot boot RHEL5.3 with strict enforcing selinux']</reference><reference href="http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=486965" id="486965" type="bugzilla">['cannot open matlab on redhat EL 5.3, unless I override / change selinux settings']</reference><reference href="http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=487021" id="487021" type="bugzilla">['Selinux prevents Samba from rotating log files.']</reference><reference href="http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=489899" id="489899" type="bugzilla">['selinux-policy: allow dbus to domain_read_all_domains_state [rhel-5.4]']</reference><reference href="http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=490024" id="490024" type="bugzilla">['nscd_t needs search permissions on sbin_t']</reference><reference href="http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=492567" id="492567" type="bugzilla">['restorecon breaks selinux contexts in /var/named/chroot/proc (which is bind mounted to /proc so breaks that too)']</reference><reference href="http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=495010" id="495010" type="bugzilla">['SELinux is preventing /sbin/restorecon (restorecon_t) "read" to inotify (inotif events: [('end', <Element 'filename' at 0x8b66bd0>), ('end', <Element 'sum' at 0x8b66c60>), ('end', <Element 'package' at 0x8b66ae0>), ('end', <Element 'filename' at 0x8b7e030>), ('end', <Element 'sum' at 0x8b7e1e0>), ('end', <Element 'package' at 0x8b66b70>), ('end', <Element 'collection' at 0x8b66630>), ('end', <Element 'pkglist' at 0x8b665a0>), ('end', <Element 'update' at 0x8b66060>), ('end', <Element 'id' at 0x8b7e1b0>), ('end', <Element 'title' at 0x8b7e330>), ('end', <Element 'issued' at 0x8b7e390>), ('end', <Element 'updated' at 0x8b7e510>), ('end', <Element 'description' at 0x8b7e4b0>), ('end', <Element 'reference' at 0x8b7e810>), ('end', <Element 'reference' at 0x8b7e870>), ('end', <Element 'reference' at 0x8b7ea20>), ('end', <Element 'reference' at 0x8b7eb70>), ('end', <Element 'reference' at 0x8b7ec90>), ('end', <Element 'reference' at 0x8b7ed50>), ('end', <Element 'reference' at 0x8b7ef90>), ('end', <Element 'reference' at 0x8b80060>), ('end', <Element 'reference' at 0x8b80120>), ('end', <Element 'references' at 0x8b7e690>), ('end', <Element 'name' at 0x8b802a0>), ('end', <Element 'filename' at 0x8b80420>), ('end', <Element 'sum' at 0x8b805a0>), ('end', <Element 'package' at 0x8b80450>), ('end', <Element 'collection' at 0x8b801e0>), ('end', <Element 'pkglist' at 0x8b80210>), ('end', <Element 'update' at 0x8b7e2d0>), ('end', <Element 'id' at 0x8b806f0>), ('end', <Element 'title' at 0x8b807b0>), ('end', <Element 'issued' at 0x8b80720>), ('end', <Element 'updated' at 0x8b806c0>), ('end', <Element 'description' at 0x8b80870>), ('end', <Element 'reference' at 0x8b80ab0>), ('end', <Element 'references' at 0x8b808a0>), ('end', <Element 'name' at 0x8b80bd0>), ('end', <Element 'filename' at 0x8b80e70>), ('end', <Element 'sum' at 0x8b80f30>), ('end', <Element 'package' at 0x8b80db0>), ('end', <Element 'collection' at 0x8b80b70>), ('end', <Element 'pkglist' at 0x8b80a80>), ('end', <Element 'update' at 0x8b80660>), ('end', <Element 'id' at 0x8b811b0>), ('end', <Element 'title' at 0x8b81240>), ('end', <Element 'issued' at 0x8b81270>), ('end', <Element 'updated' at 0x8b812a0>), ('end', <Element 'description' at 0x8b81330>), ('end', <Element 'reference' at 0x8b81420>), ('end', <Element 'reference' at 0x8b815a0>), ('end', <Element 'reference' at 0x8b81540>), ('end', <Element 'reference' at 0x8b81630>), ('end', <Element 'reference' at 0x8b816c0>), ('end', <Element 'reference' at 0x8b817b0>), ('end', <Element 'reference' at 0x8b81870>), ('end', <Element 'reference' at 0x8b81840>), ('end', <Element 'references' at 0x8b813f0>), ('end', <Element 'name' at 0x8b81ba0>), ('end', <Element 'filename' at 0x8b81d50>), ('end', <Element 'sum' at 0x8b81ed0>), ('end', <Element 'package' at 0x8b81cf0>), ('end', <Element 'filename' at 0x8bdc120>), ('end', <Element 'sum' at 0x8bdc150>), ('end', <Element 'package' at 0x8bdc090>), ('end', <Element 'collection' at 0x8b819f0>), ('end', <Element 'pkglist' at 0x8b81960>), ('end', <Element 'update' at 0x8b810c0>), ('end', <Element 'id' at 0x8bdc390>), ('end', <Element 'title' at 0x8bdc330>), ('end', <Element 'issued' at 0x8bdc420>), ('end', <Element 'updated' at 0x8bdc3f0>), ('end', <Element 'description' at 0x8bdc510>), ('end', <Element 'reference' at 0x8bdc690>), ('end', <Element 'reference' at 0x8bdc750>), ('end', <Element 'reference' at 0x8bdc8a0>), ('end', <Element 'reference' at 0x8bdc8d0>), ('end', <Element 'references' at 0x8bdc4e0>), ('end', <Element 'name' at 0x8bdcb70>), ('end', <Element 'filename' at 0x8bdcd80>), ('end', <Element 'sum' at 0x8bdced0>), ('end', <Element 'package' at 0x8bdccf0>), ('end', <Element 'collection' at 0x8bdcb10>), ('end', <Element 'pkglist' at 0x8bdc960>), ('end', <Element 'update' at 0x8bdc360>), ('end', <Element 'id' at 0x8bdcf00>), ('end', <Element 'title' at 0x8bdcf60>), ('end', <Element 'issued' at 0x8bdcea0>), ('end', <Element 'updated' at 0x8bdce70>), ('end', <Element 'description' at 0x8bd12a0>), ('end', <Element 'reference' at 0x8bd11e0>), ('end', <Element 'reference' at 0x8bd12d0>), ('end', <Element 'reference' at 0x8bd1420>), ('end', <Element 'reference' at 0x8bd1540>), ('end', <Element 'reference' at 0x8bd15d0>), ('end', <Element 'reference' at 0x8bd1720>), ('end', <Element 'reference' at 0x8bd1330>)] -------------- How can this issue be fixed? The error is reproducible, update doesn't work anymore. Thank you.
*** This bug has been marked as a duplicate of bug 663403 ***