touch-packages team mailing list archive

Thread
Date

[Bug 1382401] Re: Easy to trigger 404/416 errors after recent security update

To: touch-packages@xxxxxxxxxxxxxxxxxxx
From: Steve Langasek <steve.langasek@xxxxxxxxxxxxx>
Date: Thu, 16 Apr 2015 18:51:41 -0000
Reply-to: Bug 1382401 <1382401@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

The version of apt in the proposed pocket of Lucid that was purported to
fix this bug report has been removed because the bugs that were to be
fixed by the upload were not verified in a timely (105 days) fashion.

** Tags removed: verification-needed-lucid

** Changed in: apt (Ubuntu Lucid)
       Status: Fix Committed => Won't Fix

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apt in Ubuntu.
https://bugs.launchpad.net/bugs/1382401

Title:
  Easy to trigger 404/416 errors after recent security update

Status in apt package in Ubuntu:
  Fix Released
Status in apt source package in Lucid:
  Won't Fix
Status in apt source package in Precise:
  Fix Released
Status in apt package in Debian:
  Fix Released

Bug description:
  [Impact]

  The recent security update make it easy to trigger Debian bug
  https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=710924 - i.e. apt
  does not deal well with 416 requests from the remote server.

  [Test Case]

  1 install latest apt from security
  2 run sudo apt-get update
  3 run sudo apt-get update again and ctrl somewhere in the middle
  4 run sudo apt-get update again
  5 verify that you get either 404 or 416 errors

  6 install the updated version from prospoed
  7 verify that sudo apt-get update works now
  8 verify that steps 2-4 do not lead to a failure

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1382401/+subscriptions

References

[Bug 1382401] [NEW] Easy to trigger 404/416 errors after recent security update
From: Michael Vogt, 2014-10-17