libsmbclient: upgrade fails with error 403

There was a regression in the Dapper and Edgy packages, and this update has been disabled. We are currently working on an updated package.

Just so everyone knows what is happening: Gutsy and Feisty packages are ok and can be downloaded without problem. Edgy and Dapper packages have been disabled due to a regression. Updated packages for Dapper and Edgy will be provided soon.

Turns out there were more problems with the patch and all releases have been disabled. Updated packages for Dapper, Edgy, Feisty and Gutsy will be provided soon.

Disabling the files by removing permissions is causing all apt-get operations involving these files (e.g. an attempt to upgrade to unrelated other security updates) to fail.

Wouldn't it be better to disable the update by removing it from the Packages (and Sources) files (and regenerating the Release and GPG sigs), thereby allowing normal use of the *rest* of the security.ubuntu.com repository?

The rate of related questions in freenode #ubuntu is extreme, even with an appropriate note in the channel topic.

Please remove the broken security updates (and any items depending) from the Packages and Sourcess, then regenerate the Release and GPG sigs as Max suggested.

Doing this will do the following:
1. It will stop people from griping.
2. Allow canonical (or who ever is looking into the security update issues) to focus their efforts on that by removing these posts as distractions.
3. It will allow people to obtain other unrelated security updates and properly install them.
4. It'll make toast... yes that's right when you've finished with that you'll magically find a piece of toast waiting for you... "but where?" is the real question!

Synaptic show me this errors

W: Failed to fetch http://security.ubuntu.com/ubuntu/pool/main/s/samba/smbclient_3.0.24-2ubuntu1.3_i386.deb
  403 Forbidden

W: Failed to fetch http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba-common_3.0.24-2ubuntu1.3_i386.deb
  403 Forbidden

W: Failed to fetch http://security.ubuntu.com/ubuntu/pool/main/s/samba/libsmbclient_3.0.24-2ubuntu1.3_i386.deb
  403 Forbidden

As mentioned above; it really would be a good idea to remove the broken security updates from the package. I am trying to upgrade from Feisty to Gutsy and cannot because of the forbidden access. Also anyone attempting to install the update will just get an error which cannot be good PR for Ubuntu. Also I am looking forward to my toast!

Seems to be fixed at least for i386.

Works not from gui, but from console:

GUI:

W: Beim Herunterladen der Datei »http://security.ubuntu.com/ubuntu/pool/main/s/samba/smbclient_3.0.26a-1ubuntu2.1_i386.deb« ist ein Fehler aufgetreten:
  403 Forbidden
W: Beim Herunterladen der Datei »http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba-common_3.0.26a-1ubuntu2.1_i386.deb« ist ein Fehler aufgetreten:
  403 Forbidden
W: Beim Herunterladen der Datei »http://security.ubuntu.com/ubuntu/pool/main/s/samba/libsmbclient_3.0.26a-1ubuntu2.1_i386.deb« ist ein Fehler aufgetreten:
  403 Forbidden

#####################
Console
roger@erde:~$ sudo apt-get upgrade
[...]
Hole:1 http://security.ubuntu.com gutsy-security/main smbclient 3.0.26a-1ubuntu2.2 [4886kB]
Hole:2 http://security.ubuntu.com gutsy-security/main samba-common 3.0.26a-1ubuntu2.2 [2835kB]
Hole:3 http://security.ubuntu.com gutsy-security/main libsmbclient 3.0.26a-1ubuntu2.2 [885kB]
Es wurden 8606kB in 1m47s geholt (80,4kB/s)
[...]

WTF?
Here, too, still can't upgrade via the update manager, but apt-get works fine....
I agree with those above that it would have been much better to remove the packages from the system than blocking all updates for a day....

Updated packages are available for all releases. Please see http://www.ubuntu.com/usn/usn-544-2 for more information.

Super, but I can still see a problem. Yes, 'apt-get upgrade' works fine, but Ubuntu update manager doesn't use 'apt-get upgrade'. Ubuntu is oriented at usual people, that often want only to check e-mail, write a document and talk to others. They don't have to realize that there is a text console somewhere. And they should be able to update their OS without using any of these 'apt-get', 'aptitude' etc.

You should change it to be working properly without these console stuff, really.

This is still broken - screenshots attached. Why is this bug marked as 'Fix Released'?

@ itismike:

You have to open a console and write:
sudo apt-get upgrade
Then everything will be ok.

Bu that's what I'm talking about - You shouldn't force people to use apt-get manually. They don't need to learn this.

The command-line upgrade works for me this morning on Dapper. Thanks!

I too, though, tried to upgrade a friend's system from Feisty to Gutsy yesterday evening, and the entire upgrade failed just because of these three files. The change to the repositories seems to have disabled a lot more than just the Samba update.

Changing status back to "fix released". Invalid means that there was no bug to begin with.
See also https://wiki.ubuntu.com/Bugs/Status

See this bug to learn about the automatic daily apt-get update process, and the user interface issues with how to know if you really are up to date.
https://bugs.edge.launchpad.net/ubuntu/+source/update-manager/+bug/35009

Seems to me that you just need to click on the update-manager's "check" (or perhaps "reload" for dapper?) button to manually get updates right away

This is not fixed on the us server, even after an upgrade I still got the 403s. Switching to the main repos fixes the issue.

@m_gol:

I understand the command-line work-around. But work-arounds aren't
what mainstream Linux desktop users need. I think we're in agreement
that this needs to be 'fixed' to work with the default GUI update
manager before closing the bug.

@ Neal McBurnett:

So it should be "Confirmed" or "In Progress", but not "Fix Released", as the issue has not been fixed yet, has it?

@ itismike:

Yes, read my notes. I thought (wrong) that You don't know how to update it, but I fully agree that such work-around doesn't deserve a "Fix Released" status.

Again, read the definitions of bug statuses

 https://wiki.ubuntu.com/Bugs/Status

"Fix released" just means that the engineering work has been done and released. Note that in some cases you may even have to dist-upgrade, though not in this case. You may have to wait for a mirror update, you may have to wait for a cron job, etc. But the fix is on the way - that is what the status means.

And yeah, I bet this is a frustrating circumstance for a number of folks :-(
But such things happen....

I tried the update with sudo apt-get upgrade, but got the same error-message:

wolfgang@nofi-p1-ubuntu:~$ sudo apt-get upgrade
[sudo] password for wolfgang:
Paketlisten werden gelesen... Fertig
Abhängigkeitsbaum wird aufgebaut
Reading state information... Fertig
Die folgenden Pakete sind zurückgehalten worden:
  gnome-themes-extras
Die folgenden Pakete werden aktualisiert:
  libsmbclient samba samba-common smbclient
4 aktualisiert, 0 neu installiert, 0 zu entfernen und 1 nicht aktualisiert.
Es müssen 12,4MB Archive geholt werden.
Nach dem Auspacken werden 0B Plattenplatz zusätzlich benutzt.
Möchten Sie fortfahren [J/n]? j
Fehl http://security.ubuntu.com gutsy-security/main smbclient 3.0.26a-1ubuntu2.1
  403 Forbidden
Fehl http://security.ubuntu.com gutsy-security/main samba 3.0.26a-1ubuntu2.1
  403 Forbidden
Fehl http://security.ubuntu.com gutsy-security/main samba-common 3.0.26a-1ubuntu2.1
  403 Forbidden
Fehl http://security.ubuntu.com gutsy-security/main libsmbclient 3.0.26a-1ubuntu2.1
  403 Forbidden
Konnte http://security.ubuntu.com/ubuntu/pool/main/s/samba/smbclient_3.0.26a-1ubuntu2.1_i386.deb nicht holen 403 Forbidden
Konnte http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba_3.0.26a-1ubuntu2.1_i386.deb nicht holen 403 Forbidden
Konnte http://security.ubuntu.com/ubuntu/pool/main/s/samba/samba-common_3.0.26a-1ubuntu2.1_i386.deb nicht holen 403 Forbidden
Konnte http://security.ubuntu.com/ubuntu/pool/main/s/samba/libsmbclient_3.0.26a-1ubuntu2.1_i386.deb nicht holen 403 Forbidden
E: Konnte einige Archive nicht herunterladen, vielleicht „apt-get update“ oder mit „--fix-missing“ probieren?
wolfgang@nofi-p1-ubuntu:~$

@wgroiss - did you do sudo apt-get update first?

@Neal

Thanks for expressing your understanding of this situation. I'm glad
there seems to be a consensus that this is important for general users
of Ubuntu. I now understand that I need to be patient for the fix to
hit the mirrors.

You have to open a terminal and then do:

sudo apt-get update

And then:
Sudo apt-get upgrade

above packages are enabled and available to download.

This worked well in my case! Thanks a lot!

jazzun4141 wrote on 2007-11-17: (permalink)

You have to open a terminal and then do:

sudo apt-get update

And then:
Sudo apt-get upgrade