Red Hat Bugzilla – Bug 789353
squirrelmail should require mod_php not php
Last modified: 2013-01-07 23:59:50 EST
Description of problem: Red Hat recently released a security update for squirrelmail in rhel5. This update can not be installed on systems using the php53 packages. Version-Release number of selected component (if applicable): squirrelmail.noarch 0:1.4.8-5.el5_7.13 How reproducible: Every time Steps to Reproduce: 1. yum update on a rhel5 system using php53 2. 3. Actual results: Updating fails with the following messages [root@babylon5 mail]# yum update Loaded plugins: downloadonly, priorities, rhnplugin Setting up Update Process Resolving Dependencies --> Running transaction check ---> Package squirrelmail.noarch 0:1.4.8-5.el5_7.13 set to be updated --> Processing Dependency: php >= 4.0.4 for package: squirrelmail --> Processing Dependency: php-mbstring for package: squirrelmail --> Running transaction check ---> Package php.i386 0:5.1.6-27.el5_7.5 set to be updated --> Processing Dependency: php-common = 5.1.6-27.el5_7.5 for package: php --> Processing Dependency: php-cli = 5.1.6-27.el5_7.5 for package: php ---> Package php-mbstring.i386 0:5.1.6-27.el5_7.5 set to be updated --> Running transaction check ---> Package php-cli.i386 0:5.1.6-27.el5_7.5 set to be updated ---> Package php-common.i386 0:5.1.6-27.el5_7.5 set to be updated --> Processing Conflict: php53-common conflicts php-common --> Finished Dependency Resolution php53-common-5.3.3-1.el5_7.6.i386 from installed has depsolving problems --> php53-common conflicts with php-common Error: php53-common conflicts with php-common You could try using --skip-broken to work around the problem You could try running: package-cleanup --problems package-cleanup --dupes rpm -Va --nofiles --nodigest The program package-cleanup is found in the yum-utils package. Expected results: squirrelmail should be updatable... Additional info:
This dependancy issue prevents me from applying securityfixes to internet facing servers.
Please remember that bugzilla is just a bug *tracking* tool. Issues, especially those where quick resolution is required, should be filed through https://access.redhat.com/support . That way we can deliver fix sooner. Otherwise it'll take some time - it'll get fixed only once component is approved with (any of) next RHEL minor release.
Hi Michal I'm sorry, I didnt know that bugs where to be reported there. I've created a case there now (Case 00598938). Thanks for the heads up :)
Joe: Do you know how is php53 supposed to work? Squirrelmail requires: php >= 4.0.4, php-mbstring. I thought php53 would Provides: php, but it doesn't.
Making php53 Privide: php would solve quite a few problems... On my system: [root@babylon5 ~]# package-cleanup --problems Setting up yum Reading local RPM database Processing all local requires Missing dependencies: Package gallery2-gd requires php-gd Package squirrelmail requires php >= 4.0.4 Package squirrelmail requires php-mbstring Package php-pear-DB requires php-common >= 4.2.0 Package php-IDNA_Convert requires php Package phpmyadmin requires php-mysql >= 4.1.0 Package php-Smarty requires php >= 5.1.6-3.5 Package mediawiki requires php >= 5 Package mediawiki requires php-gd Package mediawiki requires php-mysql Package mediawiki requires php-pgsql Package mediawiki requires php-xml Package gallery2 requires php >= 4.3.0 All depencancy problems on this box are due to the php packages
squirrelmail should depend on mod_php, not php or php-common, this is not a php53 bug. "Requires: php" doesn't mean much. If you want /usr/bin/php, depend on php-cli or /usr/bin/php. If you want the httpd module, depend on mod_php.
This request was evaluated by Red Hat Product Management for inclusion in a Red Hat Enterprise Linux release. Product Management has requested further review of this request by Red Hat Engineering, for potential inclusion in a Red Hat Enterprise Linux release for currently deployed products. This request is not yet committed for inclusion in a release.
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. http://rhn.redhat.com/errata/RHSA-2013-0126.html