touch-packages team mailing list archive

Thread
Date

[Bug 1382401] Re: Easy to trigger 404/416 errors after recent security update

To: touch-packages@xxxxxxxxxxxxxxxxxxx
From: Mathew Hodson <mathew.hodson@xxxxxxxxx>
Date: Thu, 16 Apr 2015 23:03:19 -0000
Reply-to: Bug 1382401 <1382401@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

** Tags removed: removal-candidate

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apt in Ubuntu.
https://bugs.launchpad.net/bugs/1382401

Title:
  Easy to trigger 404/416 errors after recent security update

Status in apt package in Ubuntu:
  Fix Released
Status in apt source package in Lucid:
  Won't Fix
Status in apt source package in Precise:
  Fix Released
Status in apt package in Debian:
  Fix Released

Bug description:
  [Impact]

  The recent security update make it easy to trigger Debian bug
  https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=710924 - i.e. apt
  does not deal well with 416 requests from the remote server.

  [Test Case]

  1 install latest apt from security
  2 run sudo apt-get update
  3 run sudo apt-get update again and ctrl somewhere in the middle
  4 run sudo apt-get update again
  5 verify that you get either 404 or 416 errors

  6 install the updated version from prospoed
  7 verify that sudo apt-get update works now
  8 verify that steps 2-4 do not lead to a failure

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1382401/+subscriptions

References

[Bug 1382401] [NEW] Easy to trigger 404/416 errors after recent security update
From: Michael Vogt, 2014-10-17