Errors returned with `yum check-update` indicating broken update notices

Solution Verified - Updated 5 Aug 2024

---

Environment

• Red Hat Enterprise Linux

Issue

• The command yum check-update reports broken update notices.

# yum check-update
Update notice RHSA-2014:0679 (from rhel-7-workstation-rpms) is broken, or a bad duplicate, skipping.
You should report this problem to the owner of the rhel-7-workstation-rpms repository.
Update notice RHSA-2014:1327 (from rhel-7-workstation-rpms) is broken, or a bad duplicate, skipping.
Update notice RHEA-2015:0372 (from rhel-7-workstation-rpms) is broken, or a bad duplicate, skipping.
Update notice RHBA-2015:0335 (from rhel-7-workstation-rpms) is broken, or a bad duplicate, skipping.
Update notice RHEA-2015:0371 (from rhel-7-workstation-rpms) is broken, or a bad duplicate, skipping.
Update notice RHSA-2015:0416 (from rhel-7-workstation-rpms) is broken, or a bad duplicate, skipping.
Update notice RHBA-2015:0303 (from rhel-7-workstation-rpms) is broken, or a bad duplicate, skipping.
Update notice RHBA-2015:0556 (from rhel-7-workstation-rpms) is broken, or a bad duplicate, skipping.
Update notice RHSA-2015:0290 (from rhel-7-workstation-rpms) is broken, or a bad duplicate, skipping.
Update notice RHBA-2015:0596 (from rhel-7-workstation-rpms) is broken, or a bad duplicate, skipping.
Update notice RHBA-2015:0578 (from rhel-7-workstation-rpms) is broken, or a bad duplicate, skipping.
Update notice RHSA-2015:0716 (from rhel-7-workstation-rpms) is broken, or a bad duplicate, skipping.
Update notice RHSA-2015:1115 (from rhel-7-workstation-rpms) is broken, or a bad duplicate, skipping.

Resolution

Ephemeral Client-side issues

1. Clear the yum retrieved metadata and verify that the issue is no longer observed:

# yum clean all
# yum check-update

Selecting Base or EUS

1. In the event of using Base and EUS repositories, use the following documentation to select a supported repository configuration.

How to tie a system to a specific update of Red Hat Enterprise Linux?

Regenerating repository metadata for Satellite

1. Rebuild the applicable repository metadata using the applicable process below:

Satellite 6.x:
Satellite client flooded by yum warnings about errata "is broken, or a bad duplicate, skipping."

Satellite 5.x:
This content is not included.Red Hat Satellite 5.x is not regenerating repodata for any channel. How do we fix it?

2. Clear the metadata on the client system encountering the issue as described in the Ephemeral Client-side issues section above.

3. If the issue is not resolved, follow the process outlined in the Seeking assistance from Red Hat Support section below.

Seeking assistance from Red Hat Support

1. Gather the following detailed information:

• Client-side sosreport
• Description of where the system is configured to retrieve content (CDN, Satellite, RHUI, 3rd party, or another unlisted solution)
• Is the system behind a proxy configuration?
• Are any firewall devices in the end network configured in such a way as to allow communication with the Red Hat CDN?
• The output of the yum check-update --verbose command

2. Open a case with Red Hat Support and provide the above details:

Red Hat Customer Experience & Engagement - Red Hat Customer Portal

For more KB articles/solutions related to Red Hat Satellite 6.x Client Subscription Issues, please refer to the Red Hat Satellite Consolidated Troubleshooting Article for Red Hat Satellite 6.x Client Subscription Issues

Root Cause

• Meaning of the "is broken, or a bad duplicate, skipping." error
• Issue Example
• Underlying cause(s) of the "is broken, or a bad duplicate, skipping." error
  • Client-side ephemeral issues
  • Red Hat hosted/provided content
  • Unsupported repository configurations
  • Content delivery solutions such as Red Hat Satellite and Red Hat Update Infrastructure (RHUI)

Meaning of the "is broken, or a bad duplicate, skipping." error message

---

During updates, or checks for update availability, the yum utility validates Errata notifications. In the event that a single Errata is available within multiple different repositories, the contents of the notification are validated. The notification below is an example of an Errata published within the Red Hat Enterprise Linux 7 release:

RHSA-2019:0202 - Security Advisory - Red Hat Customer Portal

The above is represented in the underlying updateinfo XML definition with the following fields. Note: In the output below, the contents have been removed to just show the applicable XML tags:

<updates>
  <update>
    <id>
    <issued>
    <reboot_suggested>
    <title>
    <release>
    <rights>
    <description>
    <solution>
    <severity>
    <summary>
    <pushcount>
    <updated>
    <references>
      <reference>
      <reference>
      <reference>
      <reference>
    <pkglist>
      <collection>
        <name>
        <package>
          <filename>
          <sum>
          <reboot_suggested>

During the duplicate Errata check, each of the following XML tags are verified:

• id
• rights
• severity
• release
• issued
• updated
• pushcount
• title
• summary
• description
• solution

In the event that a simple comparison between the two Errata entries fails, the yum utility will print the indicated is broken, or a bad duplicate, skipping errors. Of note, the utility will indicate that the use of the --verbose flag my be used by the repository owner to investigate. For the purposes of investigation, it is always recommended to use the --verbose flag when this error is encountered to assist in determining the underlying cause.

Issue Example:

For the purposes of this example, the above mentioned Errata has been duplicated into an additional repository and altered so as to cause this error to be emitted. Printing the full error, with newlines used as control characters, the alteration becomes apparent:

# while read -r LINE; do echo -e $LINE; done < <( yum check-update --verbose ) | awk '/Duplicate of/,/You should/'
Duplicate of RHSA-2019:0202 differs in some fields:
<<<<<<< rhel-7-server-eus-rpms:description
'The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

* kernel: userfaultfd bypasses tmpfs file permissions (CVE-2018-18397)

For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

* When applying two instances of the kprobe debugging mechanism to the same function, one of the kprobes in some cases failed, depending on the kernel address space layout. Consequently, a kprobe registration error occurred. This update fixes the bug in the kprobes registration code to properly detect and handle ftrace-based kprobes. As a result, both kprobes now apply successfully in the described scenario. (BZ#1647815)

* Under heavy mad packet load, the SELinux checks in the mad packet queries for InfiniBand (IB) fabrics significantly increased the mad packet execution time. Consequently, if a single machine was executing a large perfquery to the IB switches of a High Performance (HPC) fabric, mad_rpc timeouts occurred, and the query failed even with SELinux disabled. This update eliminates the SELinux checks when SELinux is disabled. As a result, the mad packet queries through perfquery now have their original run times when SELinux is disabled. (BZ#1648810)

* Previously, a file-system shutdown process caused by an I/O error could race against a running fstrim process to acquire a xfs buffer lock. Consequently, the file-system shutdown process never completed due to a deadlock and the file-system became unresponsive, unable to be unmounted. This update fixes the lock ordering so that the deadlock no longer occurs and the file-system shutdown process now completes in the described scenario. (BZ#1657142)'
=======
'The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

!!!!THIS WILL MAKE THE ERRATA INVALID!!!!

* kernel: userfaultfd bypasses tmpfs file permissions (CVE-2018-18397)

For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

* When applying two instances of the kprobe debugging mechanism to the same function, one of the kprobes in some cases failed, depending on the kernel address space layout. Consequently, a kprobe registration error occurred. This update fixes the bug in the kprobes registration code to properly detect and handle ftrace-based kprobes. As a result, both kprobes now apply successfully in the described scenario. (BZ#1647815)

* Under heavy mad packet load, the SELinux checks in the mad packet queries for InfiniBand (IB) fabrics significantly increased the mad packet execution time. Consequently, if a single machine was executing a large perfquery to the IB switches of a High Performance (HPC) fabric, mad_rpc timeouts occurred, and the query failed even with SELinux disabled. This update eliminates the SELinux checks when SELinux is disabled. As a result, the mad packet queries through perfquery now have their original run times when SELinux is disabled. (BZ#1648810)

* Previously, a file-system shutdown process caused by an I/O error could race against a running fstrim process to acquire a xfs buffer lock. Consequently, the file-system shutdown process never completed due to a deadlock and the file-system became unresponsive, unable to be unmounted. This update fixes the lock ordering so that the deadlock no longer occurs and the file-system shutdown process now completes in the described scenario. (BZ#1657142)'
>>>>>>> example_repo:description
Update notice RHSA-2019:0202 (from rhel-7-server-eus-rpms) is broken, or a bad duplicate, skipping.
You should report this problem to the owner of the rhel-7-server-eus-rpms repository.

The addition of the !!!!THIS WILL MAKE THE ERRATA INVALID!!!! string to the duplicate Errata causes the error to be emitted.

Underlying cause(s) of the "is broken, or a bad duplicate, skipping." error

---

There are a number of possible sources of this error. Any utility/operation/group that is responsible for altering or transferring this XML could result in this error. Some possible causes include:

Client-side ephemeral issues

In the event that a networking connectivity issue, interrupted transfer, or Proxy configuration issue, it is possible that the problem will be resolved simply be removing the retrieved metadata and re-checking the available data.

Note: In the case of proxy device caching issues and the removal of the metadata does not resolve the condition, it would be necessary to reach out to the teams responsible for the proxy devices and begin further investigation within those devices.

Please see the Ephemeral Client-side issues section of the Resolution field above.

Red Hat hosted/provided content

For supported configurations, it is an intended result that Errata duplication across the provided repositories does not result in this type of malformed XML error.

If a system is only using content from the Red Hat Content Delivery Network (CDN), it is generally best practice to open a case with Red Hat Support to request additional assistance.

Please see the Seeking assistance from Red Hat Support section of the Resolution field above.

Unsupported repository configurations

There are some repository configurations that can result in Errata duplication. These are generally repository configurations involving releases that are not intended to be enabled simultaneously such as a system that has both Extended Update Support (EUS)¹ repositories and the Base repositories enabled. In that configuration it is absolutely possible, and somewhat expected, that the error is emitted. In that instance, the solution is to select either the EUS repositories or the Base repositories as opposed to enabling both.

Please see the Selecting Base or EUS section of the Resolution field above.

Content delivery solutions such as Red Hat Satellite and Red Hat Update Infrastructure (RHUI)

Content delivery solutions such as Satellite generally will retrieve Errata notifications and then manipulate the content as necessary to align with solution-specific configurations. In the event that this manipulation results in Errata mismatches between multiple client-consumed repositories. this error can result.

Please see the Regenerating repository metadata for Satellite section of the Resolution field above.

Diagnostic Steps

1. Use the --verbose flag to verify which repositories include duplicate/conflicting updateinfo content:

        # yum check-update --verbose | awk '/<<<<<</,/>>>>>>/'

2. Determine if the conflicting repositories are retrieved from the Red Hat CDN, Red Hat Satellite, or Red Hat Update Infrastructure installation.
3. Verify if a proxy appliance is caching older repository updateinfo content. This can be explicitly configured, or transparent.
4. Confirm that clearing the updateinfo and re-downloading it does to resolve the condition

        # yum clean all
        # yum check-update

SBR

• Anaconda
• SysMgmt

Product(s)

• Red Hat Enterprise Linux

Components

• yum

Category

• Troubleshoot

Tags

• rhel
• yum

---

This solution is part of Red Hat’s fast-track publication program, providing a huge library of solutions that Red Hat engineers have created while supporting our customers. To give you the knowledge you need the instant it becomes available, these articles may be presented in a raw and unedited form.