parent
c1f1d7a9d1
commit
419269c66a
@ -1 +1 @@
|
|||||||
SOURCES/libdnf-0.67.0.tar.gz
|
SOURCES/libdnf-0.69.0.tar.gz
|
||||||
|
@ -1 +1 @@
|
|||||||
2abb8e24d867da4433345678764163e703b7729f SOURCES/libdnf-0.67.0.tar.gz
|
744fc8ba2ad6906c87fc6d91cb953735d1f285e2 SOURCES/libdnf-0.69.0.tar.gz
|
||||||
|
@ -0,0 +1,89 @@
|
|||||||
|
From 2834747bff215c6f8da4eef2820c29bc05e172e1 Mon Sep 17 00:00:00 2001
|
||||||
|
From: =?UTF-8?q?Ale=C5=A1=20Mat=C4=9Bj?= <amatej@redhat.com>
|
||||||
|
Date: Wed, 7 Sep 2022 09:07:04 +0200
|
||||||
|
Subject: [PATCH] Allow change of arch during security updates with noarch
|
||||||
|
(RhBug:2124483)
|
||||||
|
|
||||||
|
This matches upgrade behaviour where upgrading from/to noarch is a
|
||||||
|
special case and architecture change of a package is allowed
|
||||||
|
automatically.
|
||||||
|
|
||||||
|
= changelog =
|
||||||
|
msg: Allow change of architecture for packages during security updates with noarch involved
|
||||||
|
type: security
|
||||||
|
resolves: https://bugzilla.redhat.com/show_bug.cgi?id=2124483
|
||||||
|
---
|
||||||
|
libdnf/sack/query.cpp | 34 ++++++++++++++++++++++++----------
|
||||||
|
1 file changed, 24 insertions(+), 10 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/libdnf/sack/query.cpp b/libdnf/sack/query.cpp
|
||||||
|
index 8672275d..205439ec 100644
|
||||||
|
--- a/libdnf/sack/query.cpp
|
||||||
|
+++ b/libdnf/sack/query.cpp
|
||||||
|
@@ -189,6 +189,13 @@ NameArchSolvableComparator(const Solvable * first, const Solvable * second)
|
||||||
|
return first->arch < second->arch;
|
||||||
|
}
|
||||||
|
|
||||||
|
+static bool
|
||||||
|
+NameSolvableComparator(const Solvable * first, const Solvable * second)
|
||||||
|
+{
|
||||||
|
+ return first->name < second->name;
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+
|
||||||
|
static bool
|
||||||
|
NamePrioritySolvableKey(const Solvable * first, const Solvable * second)
|
||||||
|
{
|
||||||
|
@@ -1878,11 +1885,14 @@ Query::Impl::filterAdvisory(const Filter & f, Map *m, int keyname)
|
||||||
|
std::vector<Solvable *> installed_solvables;
|
||||||
|
|
||||||
|
if (cmp_type & HY_UPGRADE) {
|
||||||
|
- // When doing HY_UPGRADE consider only candidate pkgs that have matching Name and Arch with:
|
||||||
|
- // * some already installed pkg (in other words: some other version of the pkg is already installed)
|
||||||
|
- // or
|
||||||
|
- // * with pkg that obsoletes some already installed (or to be installed in this transaction) pkg
|
||||||
|
- // Otherwise a pkg with different Arch than installed can end up in upgrade set which is wrong.
|
||||||
|
+ // When doing HY_UPGRADE consider only candidate pkgs that:
|
||||||
|
+ // * have matching Name and Arch with some already installed pkg
|
||||||
|
+ // (in other words: some other version of the pkg is already installed)
|
||||||
|
+ // * have matching Name with some already installed pkg and either the candidate or the installed pkg is noarch.
|
||||||
|
+ // This matches upgrade behavior where we allow architecture change only when noarch is involved.
|
||||||
|
+ // Details: RhBug:2124483, RhBug:2101398 and RhBug:1171543
|
||||||
|
+ // * obsoletes some already installed (or to be installed in this transaction) pkg
|
||||||
|
+ // Otherwise a pkg with different Arch than installed (and than noarch) can end up in upgrade set which is wrong.
|
||||||
|
// It can result in dependency issues, reported as: RhBug:2088149.
|
||||||
|
|
||||||
|
Query installed(sack, ExcludeFlags::IGNORE_EXCLUDES);
|
||||||
|
@@ -1893,7 +1903,7 @@ Query::Impl::filterAdvisory(const Filter & f, Map *m, int keyname)
|
||||||
|
while ((installed_id = installed.pImpl->result->next(installed_id)) != -1) {
|
||||||
|
installed_solvables.push_back(pool_id2solvable(pool, installed_id));
|
||||||
|
}
|
||||||
|
- std::sort(installed_solvables.begin(), installed_solvables.end(), NameArchSolvableComparator);
|
||||||
|
+ std::sort(installed_solvables.begin(), installed_solvables.end(), NameSolvableComparator);
|
||||||
|
|
||||||
|
Query obsoletes(sack, ExcludeFlags::IGNORE_EXCLUDES);
|
||||||
|
obsoletes.addFilter(HY_PKG, HY_EQ, resultPset);
|
||||||
|
@@ -1915,12 +1925,16 @@ Query::Impl::filterAdvisory(const Filter & f, Map *m, int keyname)
|
||||||
|
}
|
||||||
|
|
||||||
|
Id id = -1;
|
||||||
|
- // Add to candidates resultPset pkgs that match name and arch with some already installed pkg
|
||||||
|
+ // Add to candidates resultPset pkgs that match name and arch with some already installed pkg or match name and either the installed or candidate are NOARCH
|
||||||
|
while ((id = resultPset->next(id)) != -1) {
|
||||||
|
Solvable * s = pool_id2solvable(pool, id);
|
||||||
|
- auto low = std::lower_bound(installed_solvables.begin(), installed_solvables.end(), s, NameArchSolvableComparator);
|
||||||
|
- if (low != installed_solvables.end() && s->name == (*low)->name && s->arch == (*low)->arch) {
|
||||||
|
- candidates.push_back(s);
|
||||||
|
+ auto low = std::lower_bound(installed_solvables.begin(), installed_solvables.end(), s, NameSolvableComparator);
|
||||||
|
+ while (low != installed_solvables.end() && (*low)->name == s->name) {
|
||||||
|
+ if (s->arch == (*low)->arch || s->arch == ARCH_NOARCH || (*low)->arch == ARCH_NOARCH) {
|
||||||
|
+ candidates.push_back(s);
|
||||||
|
+ break;
|
||||||
|
+ }
|
||||||
|
+ ++low;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
--
|
||||||
|
2.37.3
|
||||||
|
|
@ -1,100 +0,0 @@
|
|||||||
From c17e59faf6075e7ddb803f6393e86653afd6b16d Mon Sep 17 00:00:00 2001
|
|
||||||
From: =?UTF-8?q?Ale=C5=A1=20Mat=C4=9Bj?= <amatej@redhat.com>
|
|
||||||
Date: Mon, 30 May 2022 08:59:41 +0200
|
|
||||||
Subject: [PATCH] advisory upgrade: filter out advPkgs with different arch
|
|
||||||
|
|
||||||
This prevents a situation in security upgrades where libsolv cannot
|
|
||||||
upgrade dependent pkgs because we ask for an upgrade of different arch:
|
|
||||||
|
|
||||||
We can get the following testcase if libdnf has filtered out
|
|
||||||
json-c-2-2.el8.x86_64@rhel-8-for-x86_64-baseos-rpms
|
|
||||||
(because there is an advisory for already installed json-c-1-1.el8.x86_64) but
|
|
||||||
json-c-2-2.el8.i686@rhel-8-for-x86_64-baseos-rpms is not filtered out because
|
|
||||||
it has different architecture. The resulting transaction doesn't work.
|
|
||||||
|
|
||||||
```
|
|
||||||
repo @System -99.-1000 testtags <inline>
|
|
||||||
#>=Pkg: bind-libs-lite 1 1.el8 x86_64
|
|
||||||
#>=Pkg: json-c 1 1.el8 x86_64
|
|
||||||
|
|
||||||
repo rhel-8-for-x86_64-baseos-rpms -99.-1000 testtags <inline>
|
|
||||||
#>=Pkg: json-c 2 2.el8 x86_64
|
|
||||||
#>=Prv: libjson-c.so.4()(64bit)
|
|
||||||
#>
|
|
||||||
#>=Pkg: json-c 2 2.el8 i686
|
|
||||||
#>=Prv: libjson-c.so.4()
|
|
||||||
#>
|
|
||||||
#>=Pkg: bind-libs-lite 2 2.el8 x86_64
|
|
||||||
#>=Req: libjson-c.so.4()(64bit)
|
|
||||||
system x86_64 rpm @System
|
|
||||||
job update oneof json-c-1-1.el8.x86_64@@System json-c-2-2.el8.i686@rhel-8-for-x86_64-baseos-rpms bind-libs-lite-2-2.el8.x86_64@rhel-8-for-x86_64-baseos-rpms [forcebest,targeted,setevr,setarch]
|
|
||||||
result transaction,problems <inline>
|
|
||||||
#>problem f06d81a4 info package bind-libs-lite-2-2.el8.x86_64 requires libjson-c.so.4()(64bit), but none of the providers can be installed
|
|
||||||
#>problem f06d81a4 solution 96f9031b allow bind-libs-lite-1-1.el8.x86_64@@System
|
|
||||||
#>problem f06d81a4 solution c8daf94f allow json-c-2-2.el8.x86_64@rhel-8-for-x86_64-baseos-rpms
|
|
||||||
#>upgrade bind-libs-lite-1-1.el8.x86_64@@System bind-libs-lite-2-2.el8.x86_64@rhel-8-for-x86_64-baseos-rpms
|
|
||||||
#>upgrade json-c-1-1.el8.x86_64@@System json-c-2-2.el8.x86_64@rhel-8-for-x86_64-baseos-rpms```
|
|
||||||
```
|
|
||||||
|
|
||||||
= changelog =
|
|
||||||
msg: Filter out advisory pkgs with different arch during advisory upgrade, fixes possible problems in dependency resulution.
|
|
||||||
type: bugfix
|
|
||||||
resolves: https://bugzilla.redhat.com/show_bug.cgi?id=2088149
|
|
||||||
---
|
|
||||||
libdnf/sack/query.cpp | 25 +++++++++++++++++++------
|
|
||||||
1 file changed, 19 insertions(+), 6 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/libdnf/sack/query.cpp b/libdnf/sack/query.cpp
|
|
||||||
index ac2736b5..03d39659 100644
|
|
||||||
--- a/libdnf/sack/query.cpp
|
|
||||||
+++ b/libdnf/sack/query.cpp
|
|
||||||
@@ -1877,12 +1877,6 @@ Query::Impl::filterAdvisory(const Filter & f, Map *m, int keyname)
|
|
||||||
std::vector<Solvable *> candidates;
|
|
||||||
std::vector<Solvable *> installed_solvables;
|
|
||||||
|
|
||||||
- Id id = -1;
|
|
||||||
- while ((id = resultPset->next(id)) != -1) {
|
|
||||||
- candidates.push_back(pool_id2solvable(pool, id));
|
|
||||||
- }
|
|
||||||
- NameArchEVRComparator cmp_key(pool);
|
|
||||||
-
|
|
||||||
if (cmp_type & HY_UPGRADE) {
|
|
||||||
Query installed(sack, ExcludeFlags::IGNORE_EXCLUDES);
|
|
||||||
installed.installed();
|
|
||||||
@@ -1893,6 +1887,18 @@ Query::Impl::filterAdvisory(const Filter & f, Map *m, int keyname)
|
|
||||||
installed_solvables.push_back(pool_id2solvable(pool, installed_id));
|
|
||||||
}
|
|
||||||
std::sort(installed_solvables.begin(), installed_solvables.end(), NameArchSolvableComparator);
|
|
||||||
+ Id id = -1;
|
|
||||||
+ while ((id = resultPset->next(id)) != -1) {
|
|
||||||
+ Solvable * s = pool_id2solvable(pool, id);
|
|
||||||
+ // When doing HY_UPGRADE consider only candidate pkgs that have matching Name and Arch
|
|
||||||
+ // with some already installed pkg (in other words: some other version of the pkg is already installed).
|
|
||||||
+ // Otherwise a pkg with different Arch than installed can end up in upgrade set which is wrong.
|
|
||||||
+ // It can result in dependency issues, reported as: RhBug:2088149.
|
|
||||||
+ auto low = std::lower_bound(installed_solvables.begin(), installed_solvables.end(), s, NameArchSolvableComparator);
|
|
||||||
+ if (low != installed_solvables.end() && s->name == (*low)->name && s->arch == (*low)->arch) {
|
|
||||||
+ candidates.push_back(s);
|
|
||||||
+ }
|
|
||||||
+ }
|
|
||||||
|
|
||||||
// Apply security filters only to packages with lower priority - to unify behaviour upgrade
|
|
||||||
// and upgrade-minimal
|
|
||||||
@@ -1915,7 +1921,14 @@ Query::Impl::filterAdvisory(const Filter & f, Map *m, int keyname)
|
|
||||||
}
|
|
||||||
}
|
|
||||||
std::swap(candidates, priority_candidates);
|
|
||||||
+ } else {
|
|
||||||
+ Id id = -1;
|
|
||||||
+ while ((id = resultPset->next(id)) != -1) {
|
|
||||||
+ candidates.push_back(pool_id2solvable(pool, id));
|
|
||||||
+ }
|
|
||||||
}
|
|
||||||
+
|
|
||||||
+ NameArchEVRComparator cmp_key(pool);
|
|
||||||
std::sort(candidates.begin(), candidates.end(), cmp_key);
|
|
||||||
for (auto & advisoryPkg : pkgs) {
|
|
||||||
if (cmp_type & HY_UPGRADE) {
|
|
||||||
--
|
|
||||||
2.36.1
|
|
||||||
|
|
@ -1,71 +0,0 @@
|
|||||||
From 549d248c9b331d19a0fd355fc605ab8912ed50f6 Mon Sep 17 00:00:00 2001
|
|
||||||
From: =?UTF-8?q?Ale=C5=A1=20Mat=C4=9Bj?= <amatej@redhat.com>
|
|
||||||
Date: Tue, 5 Jul 2022 09:02:22 +0200
|
|
||||||
Subject: [PATCH] Add obsoletes to filtering for advisory candidates
|
|
||||||
|
|
||||||
Patch https://github.com/rpm-software-management/libdnf/pull/1526
|
|
||||||
introduced a regression where we no longer do a security upgrade if a
|
|
||||||
package A is installed and package B obsoletes A and B is available in two
|
|
||||||
versions while there is an advisory for the second version.
|
|
||||||
|
|
||||||
Test: https://github.com/rpm-software-management/ci-dnf-stack/pull/1130
|
|
||||||
---
|
|
||||||
libdnf/sack/query.cpp | 32 ++++++++++++++++++++++++++++----
|
|
||||||
1 file changed, 28 insertions(+), 4 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/libdnf/sack/query.cpp b/libdnf/sack/query.cpp
|
|
||||||
index 03d39659..5355f9f7 100644
|
|
||||||
--- a/libdnf/sack/query.cpp
|
|
||||||
+++ b/libdnf/sack/query.cpp
|
|
||||||
@@ -1878,6 +1878,13 @@ Query::Impl::filterAdvisory(const Filter & f, Map *m, int keyname)
|
|
||||||
std::vector<Solvable *> installed_solvables;
|
|
||||||
|
|
||||||
if (cmp_type & HY_UPGRADE) {
|
|
||||||
+ // When doing HY_UPGRADE consider only candidate pkgs that have matching Name and Arch with:
|
|
||||||
+ // * some already installed pkg (in other words: some other version of the pkg is already installed)
|
|
||||||
+ // or
|
|
||||||
+ // * with pkg that obsoletes some already installed (or to be installed in this transaction) pkg
|
|
||||||
+ // Otherwise a pkg with different Arch than installed can end up in upgrade set which is wrong.
|
|
||||||
+ // It can result in dependency issues, reported as: RhBug:2088149.
|
|
||||||
+
|
|
||||||
Query installed(sack, ExcludeFlags::IGNORE_EXCLUDES);
|
|
||||||
installed.installed();
|
|
||||||
installed.addFilter(HY_PKG_LATEST_PER_ARCH, HY_EQ, 1);
|
|
||||||
@@ -1887,13 +1894,30 @@ Query::Impl::filterAdvisory(const Filter & f, Map *m, int keyname)
|
|
||||||
installed_solvables.push_back(pool_id2solvable(pool, installed_id));
|
|
||||||
}
|
|
||||||
std::sort(installed_solvables.begin(), installed_solvables.end(), NameArchSolvableComparator);
|
|
||||||
+
|
|
||||||
+ Query obsoletes(sack, ExcludeFlags::IGNORE_EXCLUDES);
|
|
||||||
+ obsoletes.addFilter(HY_PKG, HY_EQ, resultPset);
|
|
||||||
+ obsoletes.available();
|
|
||||||
+
|
|
||||||
+ Query possibly_obsoleted(sack, ExcludeFlags::IGNORE_EXCLUDES);
|
|
||||||
+ possibly_obsoleted.addFilter(HY_PKG, HY_EQ, resultPset);
|
|
||||||
+ possibly_obsoleted.addFilter(HY_PKG_UPGRADES, HY_EQ, 1);
|
|
||||||
+ possibly_obsoleted.queryUnion(installed);
|
|
||||||
+ possibly_obsoleted.apply();
|
|
||||||
+
|
|
||||||
+ obsoletes.addFilter(HY_PKG_OBSOLETES, HY_EQ, possibly_obsoleted.runSet());
|
|
||||||
+ obsoletes.apply();
|
|
||||||
+ Id obsoleted_id = -1;
|
|
||||||
+ // Add to candidates resultPset pkgs that obsolete some installed (or to be installed in this transaction) pkg
|
|
||||||
+ while ((obsoleted_id = obsoletes.pImpl->result->next(obsoleted_id)) != -1) {
|
|
||||||
+ Solvable * s = pool_id2solvable(pool, obsoleted_id);
|
|
||||||
+ candidates.push_back(s);
|
|
||||||
+ }
|
|
||||||
+
|
|
||||||
Id id = -1;
|
|
||||||
+ // Add to candidates resultPset pkgs that match name and arch with some already installed pkg
|
|
||||||
while ((id = resultPset->next(id)) != -1) {
|
|
||||||
Solvable * s = pool_id2solvable(pool, id);
|
|
||||||
- // When doing HY_UPGRADE consider only candidate pkgs that have matching Name and Arch
|
|
||||||
- // with some already installed pkg (in other words: some other version of the pkg is already installed).
|
|
||||||
- // Otherwise a pkg with different Arch than installed can end up in upgrade set which is wrong.
|
|
||||||
- // It can result in dependency issues, reported as: RhBug:2088149.
|
|
||||||
auto low = std::lower_bound(installed_solvables.begin(), installed_solvables.end(), s, NameArchSolvableComparator);
|
|
||||||
if (low != installed_solvables.end() && s->name == (*low)->name && s->arch == (*low)->arch) {
|
|
||||||
candidates.push_back(s);
|
|
||||||
--
|
|
||||||
2.36.1
|
|
||||||
|
|
File diff suppressed because it is too large
Load Diff
Loading…
Reference in new issue