Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 193959

Summary: app-misc/pax-utils-0.1.16 has 2 SRC_URI in ebuild
Product: Gentoo Linux Reporter: Stephane Bonnell <gentoo.steph>
Component: New packagesAssignee: Gentoo Linux bug wranglers <bug-wranglers>
Status: VERIFIED INVALID    
Severity: major CC: jan.reitz, r0bertz
Priority: High    
Version: unspecified   
Hardware: All   
OS: All   
Whiteboard:
Package list:
Runtime testing required: ---

Description Stephane Bonnell 2007-09-27 08:21:10 UTC
In the ebuild I got after a sync, pax-utils-0.1.16.ebuild has 2 SRC_URI inside.

SRC_URI="mirror://gentoo/pax-utils-${PV}.tar.bz2
        http://dev.gentoo.org/~solar/pax/pax-utils-${PV}.tar.bz2
        http://dev.gentoo.org/~vapier/dist/pax-utils-${PV}.tar.bz2"
SRC_URI="http://wh0rd.org/pax-utils-${PV}.tar.bz2"

By the way, it wants to download from http://wh0rd.org/ that is blocked by openDNS...


Reproducible: Always
Comment 1 Jakub Moc (RETIRED) gentoo-dev 2007-09-27 08:31:55 UTC
Yes, which is perfectly legal and not any bug.
Comment 2 Jakub Moc (RETIRED) gentoo-dev 2007-10-01 14:29:02 UTC
*** Bug 194392 has been marked as a duplicate of this bug. ***
Comment 3 Jan Reitz 2007-10-01 14:37:08 UTC
There is no doubt here that its legal to redeclare a variable.

But it makes no sense to have it redeclared (destroying the WORKING and ACCESSIBLE mirrors in there) with a mirror which is widely banned.

these files exist and are accessible:
http://dev.gentoo.org/~vapier/dist/pax-utils-0.1.16.tar.bz2
http://dev.gentoo.org/~solar/pax/pax-utils-0.1.16.tar.bz2

havn't checked mirrors yet.
Comment 4 Jakub Moc (RETIRED) gentoo-dev 2007-10-01 14:39:26 UTC
Well, fix your pathetic content filter then.
Comment 5 Jan Reitz 2007-10-01 15:10:53 UTC
Serving a stable-marked security-relevant core file of gentoo only from one dubious domain which is categorized (by www.securecomputing.com) as : "Humor;Profanity;Sexual Materials;Gruesome Content" is so very lol.
I surely don't want any files, especially security relevant, served from sites like these.
If it had gone through my content filter and i had seen it "by hand" i would have ctrl-c'd the dl.

You must had a bad day and i gonna fix the file by my own.
For those numerous people who will have the same problem:
remove the second SRC_URI line and run "ebuild /usr/portage/app-misc/pax-utils/pax-utils-0.1.16.ebuild digest"
Comment 6 Jan Reitz 2007-10-01 15:13:45 UTC
ignore my last comment, does not work
Comment 7 Jakub Moc (RETIRED) gentoo-dev 2007-10-01 15:31:20 UTC
(In reply to comment #5)
> Serving a stable-marked security-relevant core file of gentoo only from one
> dubious domain which is categorized (by www.securecomputing.com) as :
> "Humor;Profanity;Sexual Materials;Gruesome Content" is so very lol.

Better said - the marking by securecomputing.com is soooo very LOL - as this bug proves. This kind of content filtering is plain stupid, if you use it, you get what you've asked for, sorry. This ebuild has mirroring disabled intentionally because the mirrors have picked up a broken tarball. Beyond that, some content filter puking on fetching a tarball from a perfectly valid domain owned by one of our developers should make you think twice before buying/using their products next time.
Comment 8 Jakub Moc (RETIRED) gentoo-dev 2007-12-19 18:54:42 UTC
*** Bug 202787 has been marked as a duplicate of this bug. ***