[Bug 1179781] Re: If-Modfied-Since undhandled case causes apt lists corruption with https repositories

Brian Murray brian at ubuntu.com
Fri Aug 23 20:51:42 UTC 2013 

I'll take care of sponsoring this.

** Also affects: curl (Debian) via
   http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=705783
   Importance: Unknown
       Status: Unknown

** Description changed:

  [Impact]
  
  Users of apt repositories that use https will occasionally recieve an
  error message and not be able to update properly:
  
  W: Size of file /var/lib/apt/lists/partial/archive.example
  .com_dists_precise_main_binary-amd64_Packages is not what the server
  reported 0 25118
  
  This should be backported to Ubuntu precise because some companies may
  be delivering their internal apt repositories over SSL for security.
  
  [Test Case]
  
  Install apt-transport-https and setup an apt repository delivered over
  https. Do some updates and eventually the above error will happen.
  
  [Regression Potential]
  
  I've patched the Ubuntu precise version of apt and found no issues.
- Curl - Exceedingly minimal as a variable needed to be reset to zero on structure re-use.
- Apt - Possible regression if curl is not updated as well, as this adds a dependency on curl's CURLINFO_CONDITION_UNMET which is currently broken in 0.8.16~exp12ubuntu10.12.
+ Curl - Exceedingly minimal as a variable needed to be reset to zero on structure re-use.Apt - Possible regression if curl is not updated as well, as this adds a dependency on curl's CURLINFO_CONDITION_UNMET which is currently broken in 0.8.16~exp12ubuntu10.12.
  
  [Other Info]
  
  APT
  * fix needs to be applied in Precise, quantal and raring
- * Apt fix is already in Saucy.
+ * Apt fix is already in Saucy since at least version 0.9.9.1~ubuntu1
  
  Curl
  * fix needs to be applied in Precise, quantal and raring
- * fix is in saucy-proposed.
- 
+ * fix is in saucy as of version 7.31.0-1ubuntu1
  
  This was reported to Debian first and is fixed in Debian unstable:
  
  http://bugs.debian.org/705648
  
  The maintainers of apt in Ubuntu have not yet synced this to saucy.
  
  Fixes for both ubuntu/apt and ubuntu/curl need to be included for this
  to be properly fixed.
  
  --
  bye,
  pabs
  
  http://wiki.debian.org/PaulWise

** Also affects: apt (Ubuntu Precise)
   Importance: Undecided
       Status: New

** Also affects: curl (Ubuntu Precise)
   Importance: Undecided
       Status: New

** Also affects: apt (Ubuntu Quantal)
   Importance: Undecided
       Status: New

** Also affects: curl (Ubuntu Quantal)
   Importance: Undecided
       Status: New

** Also affects: apt (Ubuntu Raring)
   Importance: Undecided
       Status: New

** Also affects: curl (Ubuntu Raring)
   Importance: Undecided
       Status: New

** Changed in: apt (Ubuntu)
   Importance: Undecided => Medium

** Changed in: apt (Ubuntu)
       Status: In Progress => Fix Released

** Changed in: apt (Ubuntu)
     Assignee: Dave Chiluk (chiluk) => (unassigned)

** Changed in: apt (Ubuntu Precise)
   Importance: Undecided => Medium

** Changed in: apt (Ubuntu Precise)
       Status: New => Triaged

** Changed in: apt (Ubuntu Quantal)
   Importance: Undecided => Medium

** Changed in: apt (Ubuntu Quantal)
       Status: New => Triaged

** Changed in: apt (Ubuntu Raring)
   Importance: Undecided => Medium

** Changed in: apt (Ubuntu Raring)
       Status: New => Triaged

-- 
You received this bug notification because you are a member of Ubuntu
Sponsors Team, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1179781

Title:
  If-Modfied-Since undhandled case causes apt lists corruption with
  https repositories

Status in “apt” package in Ubuntu:
  Fix Released
Status in “curl” package in Ubuntu:
  In Progress
Status in “apt” source package in Precise:
  Triaged
Status in “curl” source package in Precise:
  New
Status in “apt” source package in Quantal:
  Triaged
Status in “curl” source package in Quantal:
  New
Status in “apt” source package in Raring:
  Triaged
Status in “curl” source package in Raring:
  New
Status in “apt” package in Debian:
  Unknown
Status in “curl” package in Debian:
  Unknown

Bug description:
  [Impact]

  Users of apt repositories that use https will occasionally recieve an
  error message and not be able to update properly:

  W: Size of file /var/lib/apt/lists/partial/archive.example
  .com_dists_precise_main_binary-amd64_Packages is not what the server
  reported 0 25118

  This should be backported to Ubuntu precise because some companies may
  be delivering their internal apt repositories over SSL for security.

  [Test Case]

  Install apt-transport-https and setup an apt repository delivered over
  https. Do some updates and eventually the above error will happen.

  [Regression Potential]

  I've patched the Ubuntu precise version of apt and found no issues.
  Curl - Exceedingly minimal as a variable needed to be reset to zero on structure re-use.Apt - Possible regression if curl is not updated as well, as this adds a dependency on curl's CURLINFO_CONDITION_UNMET which is currently broken in 0.8.16~exp12ubuntu10.12.

  [Other Info]

  APT
  * fix needs to be applied in Precise, quantal and raring
  * Apt fix is already in Saucy since at least version 0.9.9.1~ubuntu1

  Curl
  * fix needs to be applied in Precise, quantal and raring
  * fix is in saucy as of version 7.31.0-1ubuntu1

  This was reported to Debian first and is fixed in Debian unstable:

  http://bugs.debian.org/705648

  The maintainers of apt in Ubuntu have not yet synced this to saucy.

  Fixes for both ubuntu/apt and ubuntu/curl need to be included for this
  to be properly fixed.

  --
  bye,
  pabs

  http://wiki.debian.org/PaulWise

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1179781/+subscriptions

More information about the Ubuntu-sponsors mailing list