-
Bug
-
Resolution: Done
-
Normal
-
None
-
rhel-8.9.0
-
None
-
Minor
-
1
-
sst_cs_software_management
-
ssg_core_services
-
3
-
False
-
-
None
-
DNF Sprint 3
-
None
-
None
-
None
Issue:
`yum update --security` is updating nss_db (and glibc as a dependency) when no security errata is available.
Steps to reproduce
- podman run -it ubi8:latest
- yum install glibc-2.28-236.el8.7.x86_64 glibc-2.28-236.el8.7.i686 libnsl-2.28-236.el8.7.x86_64 nscd-2.28-236.el8.7.x86_64 nss_db-2.28-236.el8.7.i686 nss_db-2.28-236.el8.7.x86_64
- yum update --security nss_db
Expected results
No security updates needed for "nss_db", but 1 update available
Dependencies resolved.
Nothing to do.
Complete!
Actual results
[root@ubi8 /]$yum update --security nss_db Updating Subscription Management repositories. Unable to read consumer identity subscription-manager is operating in container mode. Last metadata expiration check: 0:09:38 ago on Fri Mar 15 17:42:30 2024. Dependencies resolved. ============================================================================================================================== Package Architecture Version Repository Size ============================================================================================================================== Upgrading: glibc i686 2.28-236.el8_9.12 rhel-8-for-x86_64-baseos-rpms 2.0 M glibc x86_64 2.28-236.el8_9.12 rhel-8-for-x86_64-baseos-rpms 2.2 M glibc-common x86_64 2.28-236.el8_9.12 rhel-8-for-x86_64-baseos-rpms 1.0 M glibc-gconv-extra i686 2.28-236.el8_9.12 rhel-8-for-x86_64-baseos-rpms 1.6 M glibc-gconv-extra x86_64 2.28-236.el8_9.12 rhel-8-for-x86_64-baseos-rpms 1.6 M glibc-langpack-en x86_64 2.28-236.el8_9.12 rhel-8-for-x86_64-baseos-rpms 829 k glibc-minimal-langpack x86_64 2.28-236.el8_9.12 rhel-8-for-x86_64-baseos-rpms 68 k libnsl x86_64 2.28-236.el8_9.12 rhel-8-for-x86_64-baseos-rpms 108 k nscd x86_64 2.28-236.el8_9.12 rhel-8-for-x86_64-baseos-rpms 137 k nss_db i686 2.28-236.el8_9.12 rhel-8-for-x86_64-baseos-rpms 80 k nss_db x86_64 2.28-236.el8_9.12 rhel-8-for-x86_64-baseos-rpms 81 kTransaction Summary ============================================================================================================================== Upgrade 11 PackagesTotal download size: 9.6 M Is this ok [y/N]:
Additional Info
No security updates are avaiable for later versions of nss_db or this version.
Looking at the updateinfo.xml, there is only an RHBA for this package available.
$rpm -q nss_db nss_db-2.28-236.el8.7.i686 nss_db-2.28-236.el8.7.x86_64 [root@ubi8 /]$zcat /var/cache/dnf/rhel-8-for-x86_64-baseos-rpms-51b3b78d5698246b/repodata/*updateinfo* | egrep 'RHSA|RHBA|nss_db' | grep nss_db.*236 -B3 <reference href="https://access.redhat.com/errata/RHBA-2022:7734" type="self" id="RHBA-2022:7734" title="RHBA-2022:7734" /> <id>RHBA-2023:7107</id> <reference href="https://access.redhat.com/errata/RHBA-2023:7107" type="self" id="RHBA-2023:7107" title="RHBA-2023:7107" /> <package src="glibc-2.28-236.el8.7.src.rpm" name="nss_db" epoch="0" version="2.28" release="236.el8.7" arch="i686"> <filename>nss_db-2.28-236.el8.7.i686.rpm</filename> <package src="glibc-2.28-236.el8.7.src.rpm" name="nss_db" epoch="0" version="2.28" release="236.el8.7" arch="x86_64"> <filename>nss_db-2.28-236.el8.7.x86_64.rpm</filename> -- <reference href="https://access.redhat.com/errata/RHBA-2022:7728" type="self" id="RHBA-2022:7728" title="RHBA-2022:7728" /> <id>RHBA-2024:0902</id> <reference href="https://access.redhat.com/errata/RHBA-2024:0902" type="self" id="RHBA-2024:0902" title="RHBA-2024:0902" /> <package src="glibc-2.28-236.el8_9.12.src.rpm" name="nss_db" epoch="0" version="2.28" release="236.el8_9.12" arch="x86_64"> <filename>nss_db-2.28-236.el8_9.12.x86_64.rpm</filename> <package src="glibc-2.28-236.el8_9.12.src.rpm" name="nss_db" epoch="0" version="2.28" release="236.el8_9.12" arch="i686"> <filename>nss_db-2.28-236.el8_9.12.i686.rpm</filename>
- duplicates
-
-
- Closed
-
