FEDORA-2021-5b1dac797b created by spot a month ago for Fedora 35
stable

Fix issue with incorrect obsoletes.

How to install

sudo dnf upgrade --advisory=FEDORA-2021-5b1dac797b

This update has been submitted for testing by spot.

a month ago

This update's test gating status has been changed to 'failed'.

a month ago

This update's test gating status has been changed to 'waiting'.

a month ago

This update's test gating status has been changed to 'failed'.

a month ago
User Icon adamwill commented & provided feedback a month ago

I'm looking into the automated test failures here. The error is that the updated packages are not getting installed when they were expected to be installed, but I'm figuring out the cause of that. It's not clearly an error in the packages like it usually is when this happens.

This update has been pushed to testing.

a month ago
User Icon adamwill commented & provided feedback a month ago

So, yeah, this is very odd. I can reproduce it locally. I set up a side repo with the -2.fc35 build in it (plus ntfs-3g-system-compression-1.0-7.fc35, which needs to be available for deps to resolve). The -1.fc35 build is currently in updates-testing. Now check this out:

[adamw@xps13k /]$ sudo dnf --disablerepo=updates-testing update ntfs-3g*
Invalid configuration value: failovermethod=priority in /etc/yum.repos.d/fedora-updates-testing.repo; Configuration: OptionBinding with id "failovermethod" does not exist
Invalid configuration value: failovermethod=priority in /etc/yum.repos.d/fedora-updates-testing.repo; Configuration: OptionBinding with id "failovermethod" does not exist
Invalid configuration value: failovermethod=priority in /etc/yum.repos.d/fedora-updates-testing.repo; Configuration: OptionBinding with id "failovermethod" does not exist
Private side repo                                                                                                                                            2.9 MB/s | 3.0 kB     00:00    
Private side repo                                                                                                                                            948 kB/s | 4.6 kB     00:00    
Dependencies resolved.
=============================================================================================================================================================================================
 Package                                                   Architecture                          Version                                           Repository                           Size
=============================================================================================================================================================================================
Upgrading:
 ntfs-3g                                                   x86_64                                2:2021.8.22-2.fc35                                side                                127 k
 ntfs-3g-system-compression                                x86_64                                1.0-7.fc35                                        side                                 28 k
 ntfsprogs                                                 x86_64                                2:2021.8.22-2.fc35                                side                                368 k
Installing dependencies:
 ntfs-3g-libs                                              x86_64                                2:2021.8.22-2.fc35                                side                                174 k

Transaction Summary
=============================================================================================================================================================================================
Install  1 Package
Upgrade  3 Packages

Total size: 697 k
Is this ok [y/N]: n
Operation aborted.
[adamw@xps13k /]$ sudo dnf update ntfs-3g*
Invalid configuration value: failovermethod=priority in /etc/yum.repos.d/fedora-updates-testing.repo; Configuration: OptionBinding with id "failovermethod" does not exist
Invalid configuration value: failovermethod=priority in /etc/yum.repos.d/fedora-updates-testing.repo; Configuration: OptionBinding with id "failovermethod" does not exist
Invalid configuration value: failovermethod=priority in /etc/yum.repos.d/fedora-updates-testing.repo; Configuration: OptionBinding with id "failovermethod" does not exist
Last metadata expiration check: 0:00:11 ago on Wed 08 Sep 2021 11:49:33 AM.
Dependencies resolved.
=============================================================================================================================================================================================
 Package                                                Architecture                       Version                                         Repository                                   Size
=============================================================================================================================================================================================
Upgrading:
 ntfs-3g                                                x86_64                             2:2021.8.22-1.fc35                              updates-testing                             127 k
 ntfs-3g-system-compression                             x86_64                             1.0-7.fc35                                      updates-testing                              28 k
 ntfsprogs                                              x86_64                             2:2021.8.22-1.fc35                              updates-testing                             368 k
Installing dependencies:
 ntfs-3g-libs                                           x86_64                             2:2021.8.22-1.fc35                              updates-testing                             174 k

Transaction Summary
=============================================================================================================================================================================================
Install  1 Package
Upgrade  3 Packages

Total download size: 697 k
Is this ok [y/N]: n
Operation aborted.

i.e. if I run a dnf update with the updates-testing repo disabled, dnf picks the -2.fc35 packages from the side repo...but if I run dnf update with the updates-testing repo enabled, for some reason it prefers the -1.fc35 packages from updates-testing over the -2.fc35 packages from the side repo. I don't understand why, though.

This problem may 'go away' once the update is pushing to testing and replaces the -1.fc35 packages there, I guess.

User Icon adamwill commented & provided feedback a month ago

ah, no, it didn't 'go away', because the -1.fc35 builds are now in stable for f33, f34 and f35. So we still have -1.fc35 and -2.fc35 both available when the test runs, and dnf picks -1.fc35 over -2.fc35.

Another thing I can do is rebuild the openQA base disk images to include -1.fc35, so that's where we start out, and see if the update from there to -2.fc35 works. This is just papering over the issue, but I guess it'd be kinda acceptable, because it would mean the 'real world' consequence would only be that if both are available when a system updates from an older version, it will first go to -1.fc35, then -2.fc35, which isn't so bad. I'll try that.

This update's test gating status has been changed to 'passed'.

a month ago
User Icon besser82 commented & provided feedback a month ago
karma

Works great! LGTM! =)

This update can be pushed to stable now if the maintainer wishes

a month ago

spot edited this update.

a month ago

This update has been submitted for stable by spot.

a month ago

This update has been pushed to stable.

3 weeks ago

Please login to add feedback.

Metadata
Type
security
Karma
1
Signed
Content Type
RPM
Test Gating
Settings
Unstable by Karma
-3
Stable by Karma
3
Stable by Time
14 days
Dates
submitted
a month ago
in testing
a month ago
in stable
3 weeks ago
modified
a month ago
BZ#2001608 CVE-2021-33285 ntfs3g: when a specially crafted NTFS attribute is supplied to the function ntfs_get_attribute_value, a heap buffer overflow can occur.
0
0
BZ#2001613 CVE-2021-33287 ntfs-3g: When specially crafted NTFS attributes are read in the function ntfs_attr_pread_i, a heap buffer overflow can occur
0
0
BZ#2001616 CVE-2021-33289 ntfs-3g: When a specially crafted MFT section is supplied in an NTFS image a heap buffer overflow can occur
0
0
BZ#2001619 CVE-2021-35266 ntfs-3g: When a specially crafted NTFS inode pathname is supplied in an NTFS image a heap buffer overflow can occur
0
0
BZ#2001621 CVE-2021-35267 ntfs-3g: A stack buffer overflow can occur when correcting differences in the MFT and MFTMirror allowing for code execution
0
0
BZ#2001623 CVE-2021-35268 ntfs-3g: When a specially crafted NTFS inode is loaded in the function ntfs_inode_real_open, a heap buffer overflow can occur
0
0
BZ#2001645 CVE-2021-35269 ntfs-3g: when a specially crafted NTFS attribute from the MFT is setup in the function ntfs_attr_setup_flag, a heap buffer overflow can occur
0
0
BZ#2001649 CVE-2021-39251 ntfs-3g: A crafted NTFS image can cause a NULL pointer dereference in ntfs_extent_inode_open
0
0
BZ#2001650 CVE-2021-39252 ntfs-3g: A crafted NTFS image can cause an out-of-bounds read in ntfs_ie_lookup
0
0
BZ#2001651 CVE-2021-39253 ntfs-3g: A crafted NTFS image can cause an out-of-bounds read in ntfs_runlists_merge_i
0
0
BZ#2001652 CVE-2021-39254 ntfs-3g: A crafted NTFS image can cause an integer overflow in memmove, leading to a heap-based buffer overflow
0
0
BZ#2001755 Cannot install ntfs-3g on Fedora 34: ntfs-3g-libs is already installed
0
0
BZ#2004497 CVE-2021-33285 ntfs-3g: ntfs3g: when a specially crafted NTFS attribute is supplied to the function ntfs_get_attribute_value, a heap buffer overflow can occur. [fedora-all]
0
0
BZ#2004520 CVE-2021-33287 ntfs-3g: When specially crafted NTFS attributes are read in the function ntfs_attr_pread_i, a heap buffer overflow can occur [fedora-all]
0
0
BZ#2004613 CVE-2021-33289 ntfs-3g: When a specially crafted MFT section is supplied in an NTFS image a heap buffer overflow can occur [fedora-all]
0
0
BZ#2004626 CVE-2021-35266 ntfs-3g: When a specially crafted NTFS inode pathname is supplied in an NTFS image a heap buffer overflow can occur [fedora-all]
0
0
BZ#2004636 CVE-2021-35268 ntfs-3g: When a specially crafted NTFS inode is loaded in the function ntfs_inode_real_open, a heap buffer overflow can occur [fedora-all]
0
0
BZ#2004655 CVE-2021-35267 ntfs-3g: A stack buffer overflow can occur when correcting differences in the MFT and MFTMirror allowing for code execution [fedora-all]
0
0
BZ#2004668 CVE-2021-35269 ntfs-3g: when a specially crafted NTFS attribute from the MFT is setup in the function ntfs_attr_setup_flag, a heap buffer overflow can occur [fedora-all]
0
0
BZ#2004680 CVE-2021-39251 ntfs-3g: A crafted NTFS image can cause a NULL pointer dereference in ntfs_extent_inode_open [fedora-all]
0
0
BZ#2004688 CVE-2021-39252 ntfs-3g: A crafted NTFS image can cause an out-of-bounds read in ntfs_ie_lookup [fedora-all]
0
0
BZ#2004695 CVE-2021-39253 ntfs-3g: A crafted NTFS image can cause an out-of-bounds read in ntfs_runlists_merge_i [fedora-all]
0
0
BZ#2004704 CVE-2021-39254 ntfs-3g: A crafted NTFS image can cause an integer overflow in memmove, leading to a heap-based buffer overflow [fedora-all]
0
0

Automated Test Results