Red Hat Bugzilla – Bug 864999
pulp doesnt handle errata spanning across multiple repos case
Last modified: 2014-09-18 11:32:56 EDT
+++ This bug was initially created as a clone of Bug #860800 +++ Description from email from Andreas Piesk: let's take errata RHBA-2012:1305 for example. Red Hat published for "RHEL 6 Workstation i386" the following affected packages (see https://rhn.redhat.com/errata/RHBA-2012-1305.html): openswan-2.6.32-19.el6_3.src.rpm openswan-2.6.32-19.el6_3.i686.rpm openswan-debuginfo-2.6.32-19.el6_3.i686.rpm openswan-doc-2.6.32-19.el6_3.i686.rpm this is an errata spanning multiple repos, namely 'optional' and 'os': updateinfo.xml "rhel-i386-workstation-optional-6": <id>RHBA-2012:1305</id> <title>openswan bug fix update</title> <issued date="2012-09-24 00:00:00"/><updated date="2012-09-24 00:00:00"/> <pkglist><collection short="rhel-i386-workstation-optional-6"> <filename>openswan-doc-2.6.32-19.el6_3.i686.rpm</filename> </collection> </pkglist> updateinfo.xml "rhel-i386-workstation-os-6": <id>RHBA-2012:1305</id> <title>openswan bug fix update</title> <issued date="2012-09-24 00:00:00"/> <updated date="2012-09-24 00:00:00"/> <pkglist><collection short="rhel-i386-workstation-6"> <filename>openswan-2.6.32-19.el6_3.i686.rpm</filename> </package></collection></pkglist> but pulp-admin shows only one filename, the one from repo 'os': $ pulp-admin errata info --id RHBA-2012:1305 Id RHBA-2012:1305 Title openswan bug fix update Type bugfix Issued 2012-09-24 00:00:00 Updated 2012-09-24 00:00:00 Version 1 Release Status final Packages Effected openswan-2.6.32-19.el6_3.i686.rpm Reboot Suggested False References href : https://rhn.redhat.com/errata/RHBA-2012-1305.html type : self id : None title : RHBA-2012:1305 a json dump of errata in 'class Info(ErrataAction)' shows: "id": "RHBA-2012:1305", "issued": "2012-09-24 00:00:00", "pkglist": [ { "name": "Red Hat Enterprise Linux Workstation (v. 6 for 32-bit x86)", "packages": [ { "arch": "i686", "epoch": "0", "filename": "openswan-2.6.32-19.el6_3.i686.rpm", "name": "openswan", "release": "19.el6_3", "src": "openswan-2.6.32-19.el6_3.src.rpm", "sum": [ "sha256", "02deefd2ab19a440da74992fa03ae1de7e9a2dd017fc42257981027ade0a7206" ], "version": "2.6.32" } ], "short": "rhel-i386-workstation-6" } ], "repoids": [ "rhel6Workstation-i386-os", "rhel6Workstation-i386-optional" ], as far as i understand the code, the first errata with this id, in this case from "rhel6Workstation-i386-os" is stored and assigned to "rhel6Workstation-i386-os". the errata with the same id from "rhel6Workstation-i386-optional" has the same timestamp and is ignored (sync_updateinfo_data()) _but_ the id is saved and used in _add_erratum() to assign this errata to "rhel6Workstation-i386-optional". so basically the errata from one repo with a filelist x is used for all repos which have the same errata but with a dfferent filelist. Version-Release number of selected component (if applicable): How reproducible: Steps to Reproduce: 1. 2. 3. Actual results: Expected results: Additional info: --- Additional comment from pkilambi@redhat.com on 2012-10-02 12:01:19 EDT --- fixed! commit 86125ca3ab40dbbe53b7c1aedbe0466318c0a10a --- Additional comment from jortel@redhat.com on 2012-10-04 09:23:38 EDT --- build: 1.1.13 --- Additional comment from pthomas@redhat.com on 2012-10-04 13:31:45 EDT --- verified [root@pulp-v1-server ~]# rpm -q pulp pulp-1.1.13-1.el6.noarch [root@pulp-v1-server ~]# [root@pulp-v1-server ~]# pulp-admin errata info --id RHBA-2012:1305 Id RHBA-2012:1305 Title openswan bug fix update Description Openswan is a free implementation of IPsec (Internet Protocol Security) and IKE (Internet Key Exchange) for Linux. The openswan packages contain daemons and user-space tools for setting up Openswan. It supports the NETKEY/XFRM IPsec kernel stack that exists in the default Linux kernel. Openswan 2.6 and later also supports IKEv2 (Internet Key Exchange Protocol version 2), which is defined in RFC5996. This update fixes the following bug: * When a tunnel was established between two IPsec hosts (say host1 and host2) utilizing DPD (Dead Peer Detection), and if host2 went offline while host1 continued to transmit data, host1 continually queued multiple phase 2 requests after the DPD action. When host2 came back online, the stack of pending phase 2 requests was established, leaving a new IPsec SA (Security Association), and a large group of extra SA's that consumed system resources and eventually expired. This update ensures that openswan has just a single pending phase 2 request during the time that host2 is down, and when host2 comes back up, only a single new IPsec SA is established, thus preventing this bug. (BZ#852454) All users of openswan are advised to upgrade to these updated packages, which fix this bug. Type bugfix Issued 2012-09-24 00:00:00 Updated 2012-09-24 00:00:00 Version 1 Release Status final Packages Effected openswan-2.6.32-19.el6_3.i686.rpm, openswan-doc-2.6.32-19.el6_3.i686.rpm Reboot Suggested False References href : https://rhn.redhat.com/errata/RHBA-2012-1305.html type : self id : None title : RHBA-2012:1305 [root@pulp-v1-server ~]# --- Additional comment from pthomas@redhat.com on 2012-10-04 13:34:29 EDT --- [root@pulp-v1-server ~]# pulp-admin repo list +------------------------------------------+ List of Available Repositories +------------------------------------------+ Id rhel-6-w Name rhel-6-w Repo URL https://pulp-v1-server.usersys.redhat.com/pulp/repos/content/dist/rhel/workstation/6/6.3/i386/os/ Feed URL https://cdn.redhat.com/content/dist/rhel/workstation/6/6.3/i386/os Feed Type remote Content Type yum Feed Certs CA:Yes Cert:Yes Consumer Certs CA:No Cert:No Architecture noarch Sync Schedule None Packages 7319 Files 0 Distributions ks-Red Hat Enterprise Linux-Workstation-6.3-i386 Publish True Clones [] Groups None Filters [] Notes {} Preserve Metadata True Checksum Type sha Id rhel-6-w-optional Name rhel-6-w-optional Repo URL https://pulp-v1-server.usersys.redhat.com/pulp/repos/content/dist/rhel/workstation/6/6.3/i386/optional/os/ Feed URL https://cdn.redhat.com/content/dist/rhel/workstation/6/6.3/i386/optional/os/ Feed Type remote Content Type yum Feed Certs CA:Yes Cert:Yes Consumer Certs CA:No Cert:No Architecture noarch Sync Schedule None Packages 3207 Files 0 Distributions None Publish True Clones [] Groups None Filters [] Notes {} Preserve Metadata True Checksum Type sha [root@pulp-v1-server ~]#
this is already in pulp-1.1.13-1.el6cf: https://bugzilla.redhat.com/show_bug.cgi?id=860800#c2 forcing this into 1.1
* With only 1 channel enabled [root@qetello01 ~]# pulp-admin errata info --id RHBA-2012:1305 Id RHBA-2012:1305 Title openswan bug fix update Description Openswan is a free implementation of IPsec (Internet Protocol Security) and IKE (Internet Key Exchange) for Linux. The openswan packages contain daemons and user-space tools for setting up Openswan. It supports the NETKEY/XFRM IPsec kernel stack that exists in the default Linux kernel. Openswan 2.6 and later also supports IKEv2 (Internet Key Exchange Protocol version 2), which is defined in RFC5996. This update fixes the following bug: * When a tunnel was established between two IPsec hosts (say host1 and host2) utilizing DPD (Dead Peer Detection), and if host2 went offline while host1 continued to transmit data, host1 continually queued multiple phase 2 requests after the DPD action. When host2 came back online, the stack of pending phase 2 requests was established, leaving a new IPsec SA (Security Association), and a large group of extra SA's that consumed system resources and eventually expired. This update ensures that openswan has just a single pending phase 2 request during the time that host2 is down, and when host2 comes back up, only a single new IPsec SA is established, thus preventing this bug. (BZ#852454) All users of openswan are advised to upgrade to these updated packages, which fix this bug. Type bugfix Issued 2012-09-24 00:00:00 Updated 2012-09-24 00:00:00 Version 1 Release Status final Packages Effected openswan-2.6.32-19.el6_3.x86_64.rpm Reboot Suggested False References href : https://rhn.redhat.com/errata/RHBA-2012-1305.html type : self id : None title : RHBA-2012:1305 * With 2 channels enabled: # pulp-admin errata info --id RHBA-2012:1305 Id RHBA-2012:1305 Title openswan bug fix update Description Openswan is a free implementation of IPsec (Internet Protocol Security) and IKE (Internet Key Exchange) for Linux. The openswan packages contain daemons and user-space tools for setting up Openswan. It supports the NETKEY/XFRM IPsec kernel stack that exists in the default Linux kernel. Openswan 2.6 and later also supports IKEv2 (Internet Key Exchange Protocol version 2), which is defined in RFC5996. This update fixes the following bug: * When a tunnel was established between two IPsec hosts (say host1 and host2) utilizing DPD (Dead Peer Detection), and if host2 went offline while host1 continued to transmit data, host1 continually queued multiple phase 2 requests after the DPD action. When host2 came back online, the stack of pending phase 2 requests was established, leaving a new IPsec SA (Security Association), and a large group of extra SA's that consumed system resources and eventually expired. This update ensures that openswan has just a single pending phase 2 request during the time that host2 is down, and when host2 comes back up, only a single new IPsec SA is established, thus preventing this bug. (BZ#852454) All users of openswan are advised to upgrade to these updated packages, which fix this bug. Type bugfix Issued 2012-09-24 00:00:00 Updated 2012-09-24 00:00:00 Version 1 Release Status final Packages Effected openswan-2.6.32-19.el6_3.x86_64.rpm, openswan-doc-2.6.32-19.el6_3.x86_64.rpm Reboot Suggested False References href : https://rhn.redhat.com/errata/RHBA-2012-1305.html type : self id : None title : RHBA-2012:1305
Verified: * candlepin-0.7.8.1-1.el6cf.noarch * candlepin-selinux-0.7.8.1-1.el6cf.noarch * candlepin-tomcat6-0.7.8.1-1.el6cf.noarch * katello-1.1.12-16.el6cf.noarch * katello-all-1.1.12-16.el6cf.noarch * katello-candlepin-cert-key-pair-1.0-1.noarch * katello-certs-tools-1.1.8-1.el6cf.noarch * katello-cli-1.1.8-7.el6cf.noarch * katello-cli-common-1.1.8-7.el6cf.noarch * katello-common-1.1.12-16.el6cf.noarch * katello-configure-1.1.9-7.el6cf.noarch * katello-glue-candlepin-1.1.12-16.el6cf.noarch * katello-glue-pulp-1.1.12-16.el6cf.noarch * katello-qpid-broker-key-pair-1.0-1.noarch * katello-qpid-client-key-pair-1.0-1.noarch * katello-selinux-1.1.1-1.el6cf.noarch * pulp-1.1.13-1.el6cf.noarch * pulp-admin-1.1.13-1.el6cf.noarch * pulp-client-lib-1.1.13-1.el6cf.noarch * pulp-common-1.1.13-1.el6cf.noarch * pulp-selinux-server-1.1.13-1.el6cf.noarch
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. http://rhn.redhat.com/errata/RHSA-2012-1543.html