Fun with packages management

Issues related to applications and software problems
Post Reply
drknut
Posts: 50
Joined: 2016/12/13 11:59:42

Fun with packages management

Post by drknut » 2019/05/19 09:53:40

Hello All,

In the context of trying to work around the broken yum-security plugin, I'd like to correlate the output of

Code: Select all

yum changelog updates

wget-1.14-18.el7_6.1.x86_64              updates                                                        
* Fri Apr  5 14:00:00 2019 Tomas Hozza <thozza@redhat.com> - 1.14-18.1                                  
- Fix CVE-2019-5953 (#1696733)                                                                          

* Wed May  9 14:00:00 2018 Tomas Hozza <thozza@redhat.com> - 1.14-18                                    
- Fix CVE-2018-0494 (#1576106)                                                                          

* Mon Apr 23 14:00:00 2018 Tomas Hozza <thozza@redhat.com> - 1.14-17                                    
- Fix segfault when Digest Authentication header is missing 'qop' part (#1545310)   
with the output of

Code: Select all

yum info wget

Installed Packages
Name        : wget
Arch        : x86_64
Version     : 1.14
Release     : 18.el7
Size        : 2.0 M
Repo        : installed
From repo   : base
Summary     : A utility for retrieving files using the HTTP or FTP protocols
.
.
Available Packages
Name        : wget
Arch        : x86_64
Version     : 1.14
Release     : 18.el7_6.1
Size        : 547 k
Repo        : updates/7/x86_64
Summary     : A utility for retrieving files using the HTTP or FTP protocols
.
.
Is there a naming rule that explain the release numbers

Code: Select all

changelog  yum info
   18       18.el7
   18.1     18.el7_6.1
where does the "_6" come from ?

Incidentally we note that the CVE fix has shrinked the package by nearly 75 %.

User avatar
avij
Retired Moderator
Posts: 3046
Joined: 2010/12/01 19:25:52
Location: Helsinki, Finland
Contact:

Re: Fun with packages management

Post by avij » 2019/05/19 17:34:24

drknut wrote:
2019/05/19 09:53:40
Incidentally we note that the CVE fix has shrinked the package by nearly 75 %.
I don't think so..

560152 Nov 12 2018 wget-1.14-18.el7.x86_64.rpm
560272 May 16 18:48 wget-1.14-18.el7_6.1.x86_64.rpm

User avatar
TrevorH
Site Admin
Posts: 33202
Joined: 2009/09/24 10:40:56
Location: Brighton, UK

Re: Fun with packages management

Post by TrevorH » 2019/05/19 17:43:32

The size reported by yum info varies - if it's installed then it shows you how much space the files take up, if it isn't then it shows you the size of the package itself.
The future appears to be RHEL or Debian. I think I'm going Debian.
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke

drknut
Posts: 50
Joined: 2016/12/13 11:59:42

Re: Fun with packages management

Post by drknut » 2019/05/19 18:17:12

The size reported by yum info varies - if it's installed then it shows you how much space the files take up, if it isn't then it shows you the size of the package itself.
Thanks for this explanation.

And for the release naming ? Any hint ?

User avatar
TrevorH
Site Admin
Posts: 33202
Joined: 2009/09/24 10:40:56
Location: Brighton, UK

Re: Fun with packages management

Post by TrevorH » 2019/05/19 18:32:18

Inherited from upstream. That's what RH called it in RHEL, that's what we build it as.

The only exceptions to that are packages with ".centos." in their names which indicates that they've been modified to debrand them by CentOS. In those cases, as an example, RHEL's httpd-2.4.6-67.el7_4.6.x86_64.rpm becomes httpd-2.4.6-67.el7.centos.6.x86_64.rpm
The future appears to be RHEL or Debian. I think I'm going Debian.
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke

Post Reply