[Bug 554832] New: zypper from softwaremgmt-200911 installs false patches
http://bugzilla.novell.com/show_bug.cgi?id=554832 Summary: zypper from softwaremgmt-200911 installs false patches Classification: openSUSE Product: openSUSE 11.1 Version: Final Platform: x86-64 OS/Version: openSUSE 11.1 Status: NEW Severity: Normal Priority: P5 - None Component: Maintenance AssignedTo: bnc-team-screening@forge.provo.novell.com ReportedBy: werner.flamme@ufz.de QAContact: qa@suse.de Found By: --- Created an attachment (id=327052) --> (http://bugzilla.novell.com/attachment.cgi?id=327052) output of zypper for all the downgrades User-Agent: Mozilla/5.0 (X11; U; Linux x86_64; de; rv:1.9.1.5) Gecko/20091103 SUSE/3.5.5-2.1 Firefox/3.5.5 Hi, I just installed the patch "softwaremgmt-200911" and now zypper shows a strange behaviour. First, with "zypper lu" all packages are shown, but no patches. When using the standard "zypper lu", "zypper up" sequence, all packages are updated, and "zypper lu" shows that no updates are found. However, the updater applet shows the red triangle. A "zypper lu -t patch" shows: # zypper lu -t patch Loading repository data... Reading installed packages... Patches Repository | Name | Version | Category | Status ----------------------+------------------+---------+----------+------- openSUSE-11.1-Updates | apache2-mod_php5 | 441 | security | Needed openSUSE-11.1-Updates | apache2-mod_php5 | 593 | security | Needed openSUSE-11.1-Updates | apache2-mod_php5 | 1334 | security | Needed Hm... OK, so let's patch: (see attachment, about 2000 lines) Resolving dependencies... Resolving package dependencies... The following package is going to be upgraded: php5-suhosin The following packages are going to be downgraded: apache2-mod_php5 php5 php5-bcmath php5-big_int php5-bz2 php5-calendar php5-ctype php5-curl php5-dba php5-devel php5-dom php5-exif php5-fastcgi php5-fileinfo php5-ftp php5-gd php5-gettext php5-gmp php5-hash php5-hidef php5-html_parse php5-iconv php5-imap php5-intl php5-json php5-ldap php5-lzf php5-mbstring php5-mcrypt php5-mdbtools php5-mysql php5-odbc php5-openssl php5-pam php5-parse_tree php5-pcntl php5-pdo php5-pear php5-pecl_http php5-posix php5-rar php5-readline php5-smtp_injector php5-snmp php5-soap php5-sockets php5-sqlite php5-svn php5-syck php5-sysvmsg php5-sysvsem php5-sysvshm php5-tidy php5-tokenizer php5-uploadprogress php5-uuid php5-vld php5-wddx php5-xdebug php5-xmlreader php5-xmlrpc php5-xmlwriter php5-xsl php5-zip php5-zlib The following packages are going to change vendor: apache2-mod_php5 php5 php5-bcmath php5-bz2 php5-calendar php5-ctype php5-curl php5-dba php5-devel php5-dom php5-exif php5-fastcgi php5-ftp php5-gd php5-gettext php5-gmp php5-hash php5-iconv php5-imap php5-json php5-ldap php5-mbstring php5-mcrypt php5-mysql php5-odbc php5-openssl php5-pcntl php5-pdo php5-pear php5-posix php5-readline php5-snmp php5-soap php5-sockets php5-sqlite php5-suhosin php5-sysvmsg php5-sysvsem php5-sysvshm php5-tidy php5-tokenizer php5-wddx php5-xmlreader php5-xmlrpc php5-xmlwriter php5-xsl php5-zip php5-zlib Overall download size: 7.0 M. After the operation, 3.9 M will be freed. Continue? [YES/no]: Retrieving package php5-5.2.11-0.1.1.x86_64 (1/66), 985.0 K (2.8 M unpacked) ---pins--- That's not was is coming up now, is it? All my PHP5 from the buildservice, updated just minutes ago from home:andtecheu, gone? This is not meant seriously, is it? It sure is important to install patches, but why install a patch of php5-5.2.11 against an installed php5-5.3.1? The patch should show itself as "not applicable", shouldn't it? And as soon as I install the newer version of PHP, I get again the red triangle indicating a security patch that needs to be applied? You're kidding! Please revert to the behaviour that zypper showed before the installation of "softwaremgmt-200911". Regards, Werner Reproducible: Always Steps to Reproduce: 1. with "zypper up -t patch", install "softwaremgmt-200911" 2. install the newest PHP5-5.3.1 from (for example) server:php 3. with "zypper lu -t patch", you see the patches for PHP5-5.2.11 that will be installed once you give a "zypper up -t patch" Actual Results: PHP5-5.3.1 was downgraded to PHP5-5.2.11. I manually updated to PHP5-5.3.1, and the patches show up again. Expected Results: I expect that zypper does not show patches that are not applicable. -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
http://bugzilla.novell.com/show_bug.cgi?id=554832#c1
shuang qiu
http://bugzilla.novell.com/show_bug.cgi?id=554832#c
shuang qiu
http://bugzilla.novell.com/show_bug.cgi?id=554832#c2
Ján Kupec
http://bugzilla.novell.com/show_bug.cgi?id=554832#c3
--- Comment #3 from Ján Kupec
http://bugzilla.novell.com/show_bug.cgi?id=554832
http://bugzilla.novell.com/show_bug.cgi?id=554832#c4
--- Comment #4 from Werner Flamme
Please attach /var/log/zypper.log. Thanks.
After 2 weeks in holidays, I try to attach it - but the attachment interface does not show the name. Maybe it's too big? # ll zypper.log-20091112.gz -rw-r--r-- 1 root root 1189469 12. Nov 10:14 zypper.log-20091112.gz Sorry, Werner -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
http://bugzilla.novell.com/show_bug.cgi?id=554832
http://bugzilla.novell.com/show_bug.cgi?id=554832#c5
--- Comment #5 from Werner Flamme
Please attach also a solver testcase generated with: 'zypper patch --debug-solver' (btw, 'zypper patch' == 'zypper up -t patch').
I created one, but I cannot get it attached via the web interface, just like the zypper.log. I get the window to chose the file, click on it - but no file name is inserted. Manual insertion is impossible, my keystrokes do not show up. When I leave the filed empty after selection (in vain hope, that the file *is* selected, but not shown) I get a "no file attached" error. I treid to split the file in smaller parts, but to no avail: -rw-r--r-- 1 root root 5897484 2. Dez 18:03 solverTestCase.tar.bz2 -rw-r--r-- 1 root root 1024000 2. Dez 18:09 solverTestCase.tar.bz2.00 -rw-r--r-- 1 root root 1024000 2. Dez 18:09 solverTestCase.tar.bz2.01 -rw-r--r-- 1 root root 1024000 2. Dez 18:09 solverTestCase.tar.bz2.02 -rw-r--r-- 1 root root 1024000 2. Dez 18:09 solverTestCase.tar.bz2.03 -rw-r--r-- 1 root root 1024000 2. Dez 18:09 solverTestCase.tar.bz2.04 -rw-r--r-- 1 root root 777484 2. Dez 18:09 solverTestCase.tar.bz2.05 So, unfortunately I cannot provide any of the requested files. I'm using FF 3.5.5 on oS 11.1 x86_64. In the meantime, zypper's behaviour changed by asking me whether I want do downgrade a lot of packages or skip the installation of the apache2-mod_php5 patch. Of course I use "skip", but the question should not show up... I'm waiting with the upgrade to 11.2 until I can provide you the zypper.log and testcase. I'll try to put in on my private homepage so you can access it from there :-( Regards, Werner -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
http://bugzilla.novell.com/show_bug.cgi?id=554832
http://bugzilla.novell.com/show_bug.cgi?id=554832#c6
--- Comment #6 from Ján Kupec
http://bugzilla.novell.com/show_bug.cgi?id=554832
http://bugzilla.novell.com/show_bug.cgi?id=554832#c7
--- Comment #7 from Werner Flamme
http://bugzilla.novell.com/show_bug.cgi?id=554832
http://bugzilla.novell.com/show_bug.cgi?id=554832#c8
--- Comment #8 from Werner Flamme
http://bugzilla.novell.com/show_bug.cgi?id=554832
http://bugzilla.novell.com/show_bug.cgi?id=554832#c9
Andrius Kasparavicius
http://bugzilla.novell.com/show_bug.cgi?id=554832
http://bugzilla.novell.com/show_bug.cgi?id=554832#c
Andrius Kasparavicius
http://bugzilla.novell.com/show_bug.cgi?id=554832
http://bugzilla.novell.com/show_bug.cgi?id=554832#c10
--- Comment #10 from Andrius Kasparavicius
http://bugzilla.novell.com/show_bug.cgi?id=554832
http://bugzilla.novell.com/show_bug.cgi?id=554832#c
Ján Kupec
http://bugzilla.novell.com/show_bug.cgi?id=554832
http://bugzilla.novell.com/show_bug.cgi?id=554832#c11
Ján Kupec
http://bugzilla.novell.com/show_bug.cgi?id=554832
http://bugzilla.novell.com/show_bug.cgi?id=554832#c12
--- Comment #12 from Ján Kupec
http://bugzilla.novell.com/show_bug.cgi?id=554832
http://bugzilla.novell.com/show_bug.cgi?id=554832#c13
--- Comment #13 from Werner Flamme
The problem is patch:apache2-mod_php5-1334.noarch conflicts with php5-suhosin.x86_64 < 5.2.11-0.1.1 provided by php5-suhosin-0.9.29-1.15.x86_64.
The problem is the php5-suhosin from http://download.opensuse.org/repositories/server:/php:/extensions/server_php... has way too low version. php5-suhosin in openSUSE 11.x has versions 5.x.x.
So the php patch is correctly rendered as not satisfied/installed (because it sees the old version of php5-suhosin) and correctly wants to downgrade all the php packages in order to make the dependencies right.
This low version in server:php:extensions repo is probably by mistake (?). Please contact the maintainers of this repository for explanation/fix.
This is right, but this is not why I opened this bug. I opened this bug because zypper did a complete downgrade of my installed php 5.3.1 environment because it installed the php 5.2.11 patch. I still do not see why zypper would even suggest to apply a patch for apache2-mod_php5 5.2.11 when I do not have 5.2.11 installed but 5.3.1. I do not see that this bug is solved. For example, the updater applet still shows the red triangle because it wants to "update" my apache2-mod_php5 5.3.1 to 5.2.11. BTW, YaST's Software Management does not complain about php5-suhosin-0.9.29-1.21 that I have installed here. Regards, Werner -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
http://bugzilla.novell.com/show_bug.cgi?id=554832
http://bugzilla.novell.com/show_bug.cgi?id=554832#c14
--- Comment #14 from Ján Kupec
(In reply to comment #11)
The problem is patch:apache2-mod_php5-1334.noarch conflicts with php5-suhosin.x86_64 < 5.2.11-0.1.1 provided by php5-suhosin-0.9.29-1.15x86_64.
I opened this bug because zypper did a complete downgrade of my installed php 5.3.1 environment because it installed the php 5.2.11 patch. I still do not see why zypper would even suggest to apply a patch for apache2-mod_php5 5.2.11 when I do not have 5.2.11 installed but 5.3.1.
Because of the php5-suhosin package. The patch is essentially a list of packages with version that are not wanted (read 'buggy'). The update repo has patches with list these unwanted packages and at the same time provides the new (fixed) version of packages. So, if zypp finds an unwanted package on your system (php5-suhosin-0.9.29), it renders the patch listing this package as needed (and the apache2-mod_php5-1334 patch indeed has php5-suhosin-5.2.11) and tries to get rid of any older versions of listed packages (thus, it does not want php5-suhosin-0.9.29). All the downgrades are then probably needed because in order to satisfy the patch, you need to install php5-suhosin-5.2.11, which in turn requires the older versions of the rest of the php packages.
I do not see that this bug is solved. For example, the updater applet still shows the red triangle because it wants to "update" my apache2-mod_php5 53.1 to 5.2.11.
Yes, for the above reason. I consider this bug solved because from the POV of openSUSE's software management, the behavior is correct. You have several options now. Either you stop using the repository having the old php5-suhosin package on your oS 11.1, or you get the maintainers of the repo tho fix the issue, etc... If it was a bug in the software management tools, we would fix it, but the bug is in the OBS repository you use - that's between you and the repository maintainer.
BTW, YaST's Software Management does not complain about php5-suhosin-0.9.29-1.21 that I have installed here.
Because it does not work with *patches* at all. That's the same as if you'd only work with 'zypper up', instead of 'zypper patch'. I'm sure YaST Online Update would do the same as 'zypper patch' - suggest to install the apache2-mod_php5-1334 patch. -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
http://bugzilla.novell.com/show_bug.cgi?id=554832
http://bugzilla.novell.com/show_bug.cgi?id=554832#c15
--- Comment #15 from Ján Kupec
http://bugzilla.novell.com/show_bug.cgi?id=554832
http://bugzilla.novell.com/show_bug.cgi?id=554832#c16
--- Comment #16 from Werner Flamme
participants (1)
-
bugzilla_noreply@novell.com