Re: [RHEA-2002:024-23] Updated rpm packages available

From: helmut g. katzgraber (dummkopf@physics.ucsc.edu)
Date: 03/26/02 

Date: Tue, 26 Mar 2002 14:27:55 -0800 (PST)
From: "helmut g. katzgraber" <dummkopf@physics.ucsc.edu>
To: bugtraq@securityfocus.com

hi all,

below is the header of redhats latest errata update. since i have
7.2 installed, i tried to upgrade the files listed below which
are the ones one has to install to fix the problems listed in the
errata. i have not tested this for any other combination of
redhat release / architecture.

gnorpm-0.96-12.7x.i386.rpm
kdeadmin-2.2.2-3.i386.rpm
popt-1.6.4-7x.i386.rpm
python-popt-0.8.7-7.x.2.i386.rpm
rpm-4.0.4-7x.i386.rpm
rpm-build-4.0.4-7x.i386.rpm
rpm-devel-4.0.4-7x.i386.rpm
rpm-perl-4.0.4-7x.i386.rpm
rpm-python-4.0.4-7x.i386.rpm
rpm2html-1.7-3.7x.i386.rpm
rpmfind-1.7-4.7x.i386.rpm

here's the problem:

[nacaq /home/dummkopf] rpm -Fvh *.rpm
error: failed dependencies:
        poptmodule.so is needed by up2date-2.7.46-7.x.2

oops. there seems to be a dependency problem. let's check:

[nacaq /home/dummkopf] locate poptmodule.so
/usr/lib/python1.5/site-packages/poptmodule.so

therefore check which package owns this file:

[nacaq /home/dummkopf] rpm -qf /usr/lib/python1.5/site-packages/poptmodule.so
rpm-python-4.0.3-1.03

check what the upgraded rpm rpm-python contains:

[nacaq /home/dummkopf] rpm -qlp rpm-python-4.0.4-7x.i386.rpm | more
/usr/lib/python1.5/site-packages/rpmmodule.so

looks like redhat renamed something here and did not upgrade the
dependencies. i guess they will have to reissue this advisory
with a fix or a clear installation instruction for the
handicapped, like me...

cheers, h.

[in the meantime i send a note to redhat, along with the
original post of this message to bugtraq, but there has not been
any reaction. while this is not a urgent security issue per se,
being not able to upgrade rpms could be a potential security
issue in the future.]

cc: bugtraq

_______________________________________________________________
Dr. Helmut G. Katzgraber dummkopf@physics.ucdavis.edu
Department of Physics http://nacaq.ucdavis.edu/
University of California, Davis Phone: (+1) 530-752-9855
One Shields Ave, Davis, CA 95616 Fax: (+1) 530-752-4717

bugzilla@redhat.com (2002-03-20 12:38 -0500) wrote:

# ---------------------------------------------------------------------
# Red Hat, Inc. Red Hat Enhancement Advisory
#
# Synopsis: Updated rpm packages available
# Advisory ID: RHEA-2002:024-23
# Issue date: 2002-02-08
# Updated on: 2002-03-20
# Product: Red Hat Linux
# Keywords:
# Cross references:
# Obsoletes:
# ---------------------------------------------------------------------

Relevant Pages

  • Re: Is my old RedHat computer doomed?
    ... It has Redhat 8.0 installed on it and it's a fine machine: ... Invest in a RAM upgrade. ... Ebay's probably a good bet for secondhand RAM that will work with it. ... Then install the latest Fedora. ...
    (uk.comp.os.linux)
  • Redhat 9 Upgrade Problem
    ... I have Redhat 8 installed on a Dell laptop and I'm trying to upgrade ... suggestion I tried entering 'linux upgradeany' at the prompt. ... same install procedure from the cd and there is still no upgrade ...
    (comp.os.linux.setup)
  • Re: Updating System Libraries
    ... > I have a RedHat 6.2 installation that I would like to upgrade with the ... > o Changed the symbolic links in /lib to point to ... FTP install. ...
    (comp.os.linux.setup)
  • Upgrading RH 7.2 to 9
    ... RAID5 partitions. ... When I try to upgrade them to Redhat 9 the install ... I'm trying to perform a network-based install as the servers don't have ...
    (RedHat)
  • Re: Web vs. Desktop based systems
    ... provider with better privacy policy (perhaps Yahoo) also provides ... to other folder or reporting spam or changing the filter recipes. ... But how do you *really* know the important upgrade that keeps ... The alert-window doesn't exactly say *why* you need to install this ...
    (comp.programming)