[Gluster-infra] Package updates on forge.gluster.org
Marcin Kulik
marcin at powow.no
Fri Jun 6 14:35:14 UTC 2014
Oh man. This is embarassing. I've been updating the box with IP of
54.229.115.178, which is Gitorious' "gluster staging" box :/
On Fri, Jun 6, 2014 at 4:24 PM, Justin Clift <justin at gluster.org> wrote:
> Interestingly, after double checking our boxes for the vulnerability using
> the online tool (https://access.redhat.com/labs/ccsinjectiontest/), the
> box was still showing as vulnerable.
>
> Logging in shows a large amount of rpms requiring updates. "Yum update"
> output:
>
> ======================================================================================================
> Package Arch Version Repository Size
> ======================================================================================================
> Installing:
> kernel x86_64 2.6.32-431.17.1.el6 updates 28 M
> Updating:
> ImageMagick x86_64 6.5.4.7-7.el6_5 updates 1.7 M
> atk x86_64 1.30.0-1.el6 base 195 k
> audit x86_64 2.2-4.el6_5 updates 225 k
> audit-libs x86_64 2.2-4.el6_5 updates 60 k
> bash x86_64 4.1.2-15.el6_4 base 904 k
> ca-certificates noarch 2013.1.95-65.1.el6_5 updates 1.1 M
> centos-release x86_64 6-5.el6.centos.11.2 updates 20 k
> chkconfig x86_64 1.3.49.3-2.el6_4.1 base 159 k
> coreutils x86_64 8.4-31.el6_5.1 updates 3.0 M
> coreutils-libs x86_64 8.4-31.el6_5.1 updates 50 k
> cpp x86_64 4.4.7-4.el6 base 3.7 M
> cronie x86_64 1.4.4-12.el6 base 73 k
> cronie-anacron x86_64 1.4.4-12.el6 base 30 k
> cups-libs x86_64 1:1.4.2-50.el6_4.5 base 317 k
> curl x86_64 7.19.7-37.el6_5.3 updates 194 k
> db4 x86_64 4.7.25-18.el6_4 base 563 k
> db4-utils x86_64 4.7.25-18.el6_4 base 130 k
> device-mapper x86_64 1.02.79-8.el6 base 164 k
> device-mapper-event x86_64 1.02.79-8.el6 base 115 k
> device-mapper-event-libs x86_64 1.02.79-8.el6 base 110 k
> device-mapper-libs x86_64 1.02.79-8.el6 base 195 k
> device-mapper-persistent-data x86_64 0.2.8-4.el6_5 updates 1.1 M
> dhclient x86_64 12:4.1.1-38.P1.el6.centos base 317 k
> dhcp-common x86_64 12:4.1.1-38.P1.el6.centos base 142 k
> dmidecode x86_64 1:2.12-5.el6_5 updates 73 k
> dracut noarch 004-336.el6_5.2 updates 122 k
> dracut-kernel noarch 004-336.el6_5.2 updates 24 k
> e2fsprogs x86_64 1.41.12-18.el6 base 552 k
> e2fsprogs-libs x86_64 1.41.12-18.el6 base 120 k
> efibootmgr x86_64 0.5.4-11.el6 base 38 k
> emacs x86_64 1:23.1-25.el6 base 2.2 M
> emacs-common x86_64 1:23.1-25.el6 base 18 M
> ethtool x86_64 2:3.5-1.4.el6_5 updates 101 k
> gcc x86_64 4.4.7-4.el6 base 10 M
> gcc-c++ x86_64 4.4.7-4.el6 base 4.7 M
> gdisk x86_64 0.8.10-1.el6 epel 167 k
> ghostscript x86_64 8.70-19.el6 base 4.4 M
> glib2 x86_64 2.26.1-7.el6_5 updates 1.6 M
> glibc x86_64 2.12-1.132.el6_5.2 updates 3.8 M
> glibc-common x86_64 2.12-1.132.el6_5.2 updates 14 M
> glibc-devel x86_64 2.12-1.132.el6_5.2 updates 978 k
> glibc-headers x86_64 2.12-1.132.el6_5.2 updates 608 k
> gnupg2 x86_64 2.0.14-6.el6_4 base 1.6 M
> gnutls x86_64 2.8.5-14.el6_5 updates 346 k
> grep x86_64 2.6.3-4.el6_5.1 updates 229 k
> grub x86_64 1:0.97-83.el6 base 933 k
> grubby x86_64 7.0.15-5.el6 base 43 k
> gtk2 x86_64 2.20.1-4.el6 base 3.3 M
> gzip x86_64 1.3.12-19.el6_4 base 116 k
> hdparm x86_64 9.43-4.el6 base 81 k
> hwdata noarch 0.233-9.1.el6 base 1.2 M
> initscripts x86_64 9.03.40-2.el6.centos.1 updates 940 k
> iproute x86_64 2.6.32-32.el6_5 updates 365 k
> iptables x86_64 1.4.7-11.el6 base 252 k
> iptables-ipv6 x86_64 1.4.7-11.el6 base 97 k
> iputils x86_64 20071127-17.el6_4.2 base 120 k
> kernel-firmware noarch 2.6.32-431.17.1.el6 updates 13 M
> kernel-headers x86_64 2.6.32-431.17.1.el6 updates 2.9 M
> kpartx x86_64 0.4.9-72.el6_5.2 updates 58 k
> krb5-devel x86_64 1.10.3-15.el6_5.1 updates 495 k
> krb5-libs x86_64 1.10.3-15.el6_5.1 updates 761 k
> libXcursor x86_64 1.1.13-6.20130524git8f677eaea.el6 base 28 k
> libXfont x86_64 1.4.5-3.el6_5 updates 136 k
> libblkid x86_64 2.17.2-12.14.el6_5 updates 115 k
> libcgroup x86_64 0.40.rc1-5.el6_5.1 updates 125 k
> libcom_err x86_64 1.41.12-18.el6 base 37 k
> libcom_err-devel x86_64 1.41.12-18.el6 base 32 k
> libcurl x86_64 7.19.7-37.el6_5.3 updates 166 k
> libcurl-devel x86_64 7.19.7-37.el6_5.3 updates 244 k
> libdrm x86_64 2.4.45-2.el6 base 121 k
> libgcc x86_64 4.4.7-4.el6 base 101 k
> libgcrypt x86_64 1.4.5-11.el6_4 base 229 k
> libgcrypt-devel x86_64 1.4.5-11.el6_4 base 118 k
> libgomp x86_64 4.4.7-4.el6 base 118 k
> libjpeg-turbo x86_64 1.2.1-3.el6_5 updates 174 k
> librsvg2 x86_64 2.26.0-6.el6_5.3 updates 140 k
> libselinux x86_64 2.0.94-5.3.el6_4.1 base 108 k
> libselinux-devel x86_64 2.0.94-5.3.el6_4.1 base 136 k
> libselinux-utils x86_64 2.0.94-5.3.el6_4.1 base 81 k
> libss x86_64 1.41.12-18.el6 base 41 k
> libstdc++ x86_64 4.4.7-4.el6 base 293 k
> libstdc++-devel x86_64 4.4.7-4.el6 base 1.6 M
> libtasn1 x86_64 2.3-6.el6_5 updates 238 k
> libtiff x86_64 3.9.4-10.el6_5 updates 343 k
> libudev x86_64 147-2.51.el6 base 74 k
> libuuid x86_64 2.17.2-12.14.el6_5 updates 68 k
> libxml2 x86_64 2.7.6-14.el6_5.1 updates 800 k
> libxml2-devel x86_64 2.7.6-14.el6_5.1 updates 1.1 M
> logrotate x86_64 3.7.8-17.el6 base 55 k
> lvm2 x86_64 2.02.100-8.el6 base 725 k
> lvm2-libs x86_64 2.02.100-8.el6 base 816 k
> mdadm x86_64 3.2.6-7.el6_5.2 updates 337 k
> module-init-tools x86_64 3.9-21.el6_4 base 462 k
> mysql x86_64 5.1.73-3.el6_5 updates 894 k
> mysql-devel x86_64 5.1.73-3.el6_5 updates 129 k
> mysql-libs x86_64 5.1.73-3.el6_5 updates 1.2 M
> mysql-server x86_64 5.1.73-3.el6_5 updates 8.6 M
> nginx x86_64 1.0.15-5.el6 epel 397 k
> nspr x86_64 4.10.2-1.el6_5 updates 113 k
> nss x86_64 3.15.3-6.el6_5 updates 822 k
> nss-softokn x86_64 3.14.3-10.el6_5 updates 265 k
> nss-softokn-freebl x86_64 3.14.3-10.el6_5 updates 157 k
> nss-sysinit x86_64 3.15.3-6.el6_5 updates 40 k
> nss-tools x86_64 3.15.3-6.el6_5 updates 358 k
> nss-util x86_64 3.15.3-1.el6_5 updates 64 k
> ntp x86_64 4.2.6p5-1.el6.centos base 592 k
> ntpdate x86_64 4.2.6p5-1.el6.centos base 75 k
> openldap x86_64 2.4.23-34.el6_5.1 updates 265 k
> openssh x86_64 5.3p1-94.el6 base 258 k
> openssh-clients x86_64 5.3p1-94.el6 base 402 k
> openssh-server x86_64 5.3p1-94.el6 base 311 k
> openssl x86_64 1.0.1e-16.el6_5.14 updates 1.5 M
> openssl-devel x86_64 1.0.1e-16.el6_5.14 updates 1.2 M
> pam x86_64 1.1.1-17.el6 base 658 k
> perl x86_64 4:5.10.1-136.el6 base 10 M
> perl-Module-Pluggable x86_64 1:3.90-136.el6 base 40 k
> perl-Pod-Escapes x86_64 1:1.04-136.el6 base 32 k
> perl-Pod-Simple x86_64 1:3.13-136.el6 base 212 k
> perl-libs x86_64 4:5.10.1-136.el6 base 578 k
> perl-version x86_64 3:0.77-136.el6 base 51 k
> pixman x86_64 0.26.2-5.1.el6_5 updates 200 k
> policycoreutils x86_64 2.0.83-19.39.el6 base 648 k
> polkit x86_64 0.96-5.el6_4 base 158 k
> postfix x86_64 2:2.6.6-6.el6_5 updates 2.0 M
> postgresql-libs x86_64 8.4.20-1.el6_5 updates 201 k
> psmisc x86_64 22.6-19.el6_5 updates 81 k
> python x86_64 2.6.6-52.el6 updates 74 k
> python-libs x86_64 2.6.6-52.el6 updates 5.3 M
> python-urlgrabber noarch 3.9.1-9.el6 base 85 k
> rpm x86_64 4.8.0-37.el6 base 901 k
> rpm-libs x86_64 4.8.0-37.el6 base 313 k
> rpm-python x86_64 4.8.0-37.el6 base 57 k
> rsync x86_64 3.0.6-9.el6_4.1 base 334 k
> rsyslog x86_64 5.8.10-8.el6 base 649 k
> ruby x86_64 1.8.7.352-13.el6 updates 534 k
> ruby-devel x86_64 1.8.7.352-13.el6 updates 314 k
> ruby-irb x86_64 1.8.7.352-13.el6 updates 314 k
> ruby-libs x86_64 1.8.7.352-13.el6 updates 1.6 M
> ruby-rdoc x86_64 1.8.7.352-13.el6 updates 377 k
> rubygems noarch 1.3.7-5.el6 base 207 k
> selinux-policy noarch 3.7.19-231.el6_5.3 updates 825 k
> selinux-policy-targeted noarch 3.7.19-231.el6_5.3 updates 2.8 M
> setup noarch 2.8.14-20.el6_4.1 base 151 k
> sphinx x86_64 2.0.8-1.el6 epel 3.3 M
> sudo x86_64 1.8.6p3-12.el6 base 703 k
> sysvinit-tools x86_64 2.87-5.dsf.el6 base 59 k
> tzdata noarch 2014d-1.el6 updates 452 k
> udev x86_64 147-2.51.el6 base 348 k
> upstart x86_64 0.6.5-13.el6_5.3 updates 177 k
> util-linux-ng x86_64 2.17.2-12.14.el6_5 updates 1.5 M
> wget x86_64 1.12-1.11.el6_5 updates 483 k
> xfsprogs x86_64 3.1.1-14.el6 base 724 k
> xinetd x86_64 2:2.3.14-39.el6_4 base 121 k
> yum noarch 3.2.29-43.el6.centos updates 996 k
> yum-plugin-fastestmirror noarch 1.1.30-17.el6_5 updates 28 k
> yum-utils noarch 1.1.30-17.el6_5 updates 102 k
> Installing for dependencies:
> OpenEXR-libs x86_64 1.6.1-8.1.el6 base 197 k
> ilmbase x86_64 1.0.1-6.1.el6 base 72 k
> p11-kit x86_64 0.18.5-2.el6_5.2 updates 94 k
> p11-kit-trust x86_64 0.18.5-2.el6_5.2 updates 71 k
> shared-mime-info x86_64 0.70-4.el6 base 209 k
>
> Transaction Summary
> ======================================================================================================
> Install 6 Package(s)
> Upgrade 156 Package(s)
>
> Not sure which boxes you updated, but it wasn't ours.
>
> Note -> Not exactly impressed. :(
>
> I'm kicking off the updates myself in a minute, then rebooting
> the box.
>
> Regards,
>
> Justin Clift
>
>
> On 06/06/2014, at 11:38 AM, Marcin Kulik wrote:
>> Thanks for heads up.
>> I've updated the packages and restarted the machine.
>> All services started properly.
>>
>> Regards,
>> Marcin
>>
>> On Thu, Jun 5, 2014 at 5:55 PM, Justin Clift <justin at gluster.org> wrote:
>>> Just a heads up in case you haven't seen it yet. There's a _new_
>>> OpenSSL vulnerability reported. Packages for CentOS 5 & 6 have
>>> been released. (currently getting sync'd to the worldwide mirrors)
>>>
>>> http://lists.centos.org/pipermail/centos-announce/2014-June/020344.html
>>> http://lists.centos.org/pipermail/centos-announce/2014-June/020345.html
>>> http://lists.centos.org/pipermail/centos-announce/2014-June/020346.html
>>>
>>> + Justin
>>>
>>>
>>> On 26/05/2014, at 10:27 AM, Marcin Kulik wrote:
>>>> Hi Justin,
>>>>
>>>> We have installed new package updates on forge.gluster.org and
>>>> rebooted the machine.
>>>>
>>>> Updates installed:
>>>>
>>>> libxml2-2.7.6-14.el6_2.7.6-14.el6_5.1.x86_64.drpm
>>>> libxml2-devel-2.7.6-14.el6_2.7.6-14.el6_5.1.x86_64.drpm
>>>> selinux-policy-3.7.19-231.el6_5.1_3.7.19-231.el6_5.3.noarch.drpm
>>>> selinux-policy-targeted-3.7.19-231.el6_5.1_3.7.19-231.el6_5.3.noarch.drpm
>>>> tzdata-2014b-1.el6_2014b-3.24.el6.noarch.drpm
>>>>
>>>> Regards,
>>>> Marcin
>
> --
> GlusterFS - http://www.gluster.org
>
> An open source, distributed file system scaling to several
> petabytes, and handling thousands of clients.
>
> My personal twitter: twitter.com/realjustinclift
>
More information about the Gluster-infra
mailing list