Satellite / SAT-41150

Duplicate CVEs in some errata cause the report to print the same CVE multiple times.


      Description of problem:

      The duplicate CVEs in the errata are caused by one CVE having 2 or more URLs (see below).
      [#<Katello::ErratumCve:0x0000560e9b405038
        id: 524614,
        erratum_id: 497834,
        cve_id: "CVE-2025-37803",
        href: "https://access.redhat.com/security/cve/CVE-2025-37803">,
       #<Katello::ErratumCve:0x0000560e9b35e620
        id: 554209,
        erratum_id: 497834,
        cve_id: "CVE-2025-37803",
        href: "https://www.redhat.com/security/data/cve/CVE-2025-37803.html">,
       

      I am not exactly sure which URL is expected. Both URLs worked. The "www.redhat.com" one simply redirects to "access.redhat.com".

      I guess this could be the cause. We synced "Repo A" that contained "erratum A" (with CVE href 'A') a few weeks ago. Later we synced "Repo B" that also contains "erratum A" (but with CVE href 'B').

       

      How reproducible:

      Not sure. I failed to reproduce the issue even though I had tried to sync some affected repos for the errata. It appears to be only reproducible before the CDN repo metadata is corrected.

       

      Acceptance Criteria

      1. Add some scope magic to deduplicate and pick the first/last href
      2. Add some rake task to clean up if needed

      Testing steps

      1. Create 2 fixture yum repos with the same errata but different href (tweak updateinfo xml)
      2. Verify that the errata is not duplicated.

       

       

      Is this issue a regression from an earlier version:

      I believe it is not a regression

       

      Business Impact / Additional info:

      To work around the report issue, we can add a ".uniq" to the report template.

      'CVEs': erratum.cves.map { |c| c.cve_id }.uniq, 

              Unassigned Unassigned
              rhn-support-hyu Hao Chang Yu
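The deduplication asked for in the acceptance criteria, sketched in plain Ruby as an added example (this is not Katello code and not part of the original ticket). ErratumCveRow, dedupe_erratum_cves and report_cves are hypothetical names; the first two sample rows copy the values from the console output above and the third is constructed.

```ruby
# Added illustration; ErratumCveRow is a hypothetical stand-in for the
# fields visible in the Katello::ErratumCve console output in the ticket.
ErratumCveRow = Struct.new(:id, :erratum_id, :cve_id, :href, keyword_init: true)

# Split rows into one kept row per (erratum_id, cve_id) pair plus the ids of
# the redundant rows, which is what a cleanup task would need to delete.
# keep: :first keeps the lowest id (earliest sync), :last keeps the highest.
def dedupe_erratum_cves(rows, keep: :first)
  raise ArgumentError, "keep must be :first or :last" unless %i[first last].include?(keep)

  kept = []
  redundant = []
  rows.group_by { |r| [r.erratum_id, r.cve_id] }.each_value do |group|
    ordered = group.sort_by(&:id)
    winner = keep == :first ? ordered.first : ordered.last
    kept << winner
    redundant.concat(ordered.reject { |r| r.equal?(winner) })
  end
  { kept: kept.sort_by(&:id), redundant_ids: redundant.map(&:id).sort }
end

# CVE ids for one erratum as the report should print them: each id once,
# regardless of how many href variants were synced.
def report_cves(rows, erratum_id)
  scoped = rows.select { |r| r.erratum_id == erratum_id }
  dedupe_erratum_cves(scoped)[:kept].map(&:cve_id)
end

SAMPLE_ROWS = [
  ErratumCveRow.new(id: 524614, erratum_id: 497834, cve_id: "CVE-2025-37803",
                    href: "https://access.redhat.com/security/cve/CVE-2025-37803"),
  ErratumCveRow.new(id: 554209, erratum_id: 497834, cve_id: "CVE-2025-37803",
                    href: "https://www.redhat.com/security/data/cve/CVE-2025-37803.html"),
  # Constructed row with a placeholder CVE id, to show unrelated CVEs survive.
  ErratumCveRow.new(id: 600001, erratum_id: 497834, cve_id: "CVE-0000-0001",
                    href: "https://example.invalid/cve/CVE-0000-0001")
].freeze

if __FILE__ == $PROGRAM_NAME
  result = dedupe_erratum_cves(SAMPLE_ROWS)
  puts "report CVEs:   #{report_cves(SAMPLE_ROWS, 497834).join(', ')}"
  puts "redundant ids: #{result[:redundant_ids].join(', ')}"
end
```

Unlike the ".uniq" workaround, which only hides the repeat in the report, this also yields the ids of the extra rows for a cleanup pass.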