On Jan 14 10:37pm, Johnny Hughes wrote:
CentOS Errata and Bugfix Advisory 2015:0048
Upstream details at : https://rhn.redhat.com/errata/RHBA-2015-0048.html
The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename )
I was surprised to find that these RPMs were modified and re-released with different sums yet identical version strings. Is this common practice?
On 01/15/2015 07:15 AM, centoslistmail@gmail.com wrote:
On Jan 14 10:37pm, Johnny Hughes wrote:
CentOS Errata and Bugfix Advisory 2015:0048
Upstream details at : https://rhn.redhat.com/errata/RHBA-2015-0048.html
The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename )
I was surprised to find that these RPMs were modified and re-released with different sums yet identical version strings. Is this common practice?
No, not at all
There was what we thought was a huge problem with the packages, that ended up being this bug:
https://bugzilla.redhat.com/show_bug.cgi?id=1182337
http://lists.centos.org/pipermail/centos-announce/2015-January/020880.html
The reason they are different was that we rebuilt and resigned the packages in our troubleshooting of how it completely rendered yum and rpm unusable .. then we found the cause.
But, since we found that the issue was an upstream bug (ie, centos matches rhel and they have to fox the issue, or not fix it), we decided to re-release. However, I did not save the original signed packages, so I had to resign the first ones and release them. The only differences between the two package sets, if you were to compare them would be the signing data/time.
Sorry for the inconvenience.
Thanks, Johnny Hughes
On Jan 15 8:27am, Johnny Hughes wrote:
I had to resign the first ones and release them. The only differences between the two package sets, if you were to compare them would be the signing data/time.
Thank you for the explanation. It eases my mind considerably. :)
On 01/15/2015 08:27 AM, Johnny Hughes wrote:
There was what we thought was a huge problem with the packages, that ended up being this bug:
https://bugzilla.redhat.com/show_bug.cgi?id=1182337
http://lists.centos.org/pipermail/centos-announce/2015-January/020880.html
The reason they are different was that we rebuilt and resigned the packages in our troubleshooting of how it completely rendered yum and rpm unusable .. then we found the cause.
Interesting. I was running with the mismatched versions (after "yum downgrade nss-softokn-freebl") and having no issues with yum or rpm. nss-softokn-3.14.3-18.el6_6.x86_64 nss-softokn-freebl-3.14.3-17.el6.i686 nss-softokn-freebl-3.14.3-17.el6.x86_64
(I've updated now to version 3.14.3-19.el6_6 for both.)
-
centoslistmail@gmail.com -
Johnny Hughes -
Robert Nichols