[Gluster-infra] Package updates on forge.gluster.org

Justin Clift justin at gluster.org
Fri Jun 6 14:24:30 UTC 2014

Interestingly, after double checking our boxes for the vulnerability using
the online tool (https://access.redhat.com/labs/ccsinjectiontest/), the
box was still showing as vulnerable.

Logging in shows a large amount of rpms requiring updates.  "Yum update"

 Package                           Arch       Version                               Repository   Size
 kernel                            x86_64     2.6.32-431.17.1.el6                   updates      28 M
 ImageMagick                       x86_64                       updates     1.7 M
 atk                               x86_64     1.30.0-1.el6                          base        195 k
 audit                             x86_64     2.2-4.el6_5                           updates     225 k
 audit-libs                        x86_64     2.2-4.el6_5                           updates      60 k
 bash                              x86_64     4.1.2-15.el6_4                        base        904 k
 ca-certificates                   noarch     2013.1.95-65.1.el6_5                  updates     1.1 M
 centos-release                    x86_64     6-5.el6.centos.11.2                   updates      20 k
 chkconfig                         x86_64                    base        159 k
 coreutils                         x86_64     8.4-31.el6_5.1                        updates     3.0 M
 coreutils-libs                    x86_64     8.4-31.el6_5.1                        updates      50 k
 cpp                               x86_64     4.4.7-4.el6                           base        3.7 M
 cronie                            x86_64     1.4.4-12.el6                          base         73 k
 cronie-anacron                    x86_64     1.4.4-12.el6                          base         30 k
 cups-libs                         x86_64     1:1.4.2-50.el6_4.5                    base        317 k
 curl                              x86_64     7.19.7-37.el6_5.3                     updates     194 k
 db4                               x86_64     4.7.25-18.el6_4                       base        563 k
 db4-utils                         x86_64     4.7.25-18.el6_4                       base        130 k
 device-mapper                     x86_64     1.02.79-8.el6                         base        164 k
 device-mapper-event               x86_64     1.02.79-8.el6                         base        115 k
 device-mapper-event-libs          x86_64     1.02.79-8.el6                         base        110 k
 device-mapper-libs                x86_64     1.02.79-8.el6                         base        195 k
 device-mapper-persistent-data     x86_64     0.2.8-4.el6_5                         updates     1.1 M
 dhclient                          x86_64     12:4.1.1-38.P1.el6.centos             base        317 k
 dhcp-common                       x86_64     12:4.1.1-38.P1.el6.centos             base        142 k
 dmidecode                         x86_64     1:2.12-5.el6_5                        updates      73 k
 dracut                            noarch     004-336.el6_5.2                       updates     122 k
 dracut-kernel                     noarch     004-336.el6_5.2                       updates      24 k
 e2fsprogs                         x86_64     1.41.12-18.el6                        base        552 k
 e2fsprogs-libs                    x86_64     1.41.12-18.el6                        base        120 k
 efibootmgr                        x86_64     0.5.4-11.el6                          base         38 k
 emacs                             x86_64     1:23.1-25.el6                         base        2.2 M
 emacs-common                      x86_64     1:23.1-25.el6                         base         18 M
 ethtool                           x86_64     2:3.5-1.4.el6_5                       updates     101 k
 gcc                               x86_64     4.4.7-4.el6                           base         10 M
 gcc-c++                           x86_64     4.4.7-4.el6                           base        4.7 M
 gdisk                             x86_64     0.8.10-1.el6                          epel        167 k
 ghostscript                       x86_64     8.70-19.el6                           base        4.4 M
 glib2                             x86_64     2.26.1-7.el6_5                        updates     1.6 M
 glibc                             x86_64     2.12-1.132.el6_5.2                    updates     3.8 M
 glibc-common                      x86_64     2.12-1.132.el6_5.2                    updates      14 M
 glibc-devel                       x86_64     2.12-1.132.el6_5.2                    updates     978 k
 glibc-headers                     x86_64     2.12-1.132.el6_5.2                    updates     608 k
 gnupg2                            x86_64     2.0.14-6.el6_4                        base        1.6 M
 gnutls                            x86_64     2.8.5-14.el6_5                        updates     346 k
 grep                              x86_64     2.6.3-4.el6_5.1                       updates     229 k
 grub                              x86_64     1:0.97-83.el6                         base        933 k
 grubby                            x86_64     7.0.15-5.el6                          base         43 k
 gtk2                              x86_64     2.20.1-4.el6                          base        3.3 M
 gzip                              x86_64     1.3.12-19.el6_4                       base        116 k
 hdparm                            x86_64     9.43-4.el6                            base         81 k
 hwdata                            noarch     0.233-9.1.el6                         base        1.2 M
 initscripts                       x86_64     9.03.40-2.el6.centos.1                updates     940 k
 iproute                           x86_64     2.6.32-32.el6_5                       updates     365 k
 iptables                          x86_64     1.4.7-11.el6                          base        252 k
 iptables-ipv6                     x86_64     1.4.7-11.el6                          base         97 k
 iputils                           x86_64     20071127-17.el6_4.2                   base        120 k
 kernel-firmware                   noarch     2.6.32-431.17.1.el6                   updates      13 M
 kernel-headers                    x86_64     2.6.32-431.17.1.el6                   updates     2.9 M
 kpartx                            x86_64     0.4.9-72.el6_5.2                      updates      58 k
 krb5-devel                        x86_64     1.10.3-15.el6_5.1                     updates     495 k
 krb5-libs                         x86_64     1.10.3-15.el6_5.1                     updates     761 k
 libXcursor                        x86_64     1.1.13-6.20130524git8f677eaea.el6     base         28 k
 libXfont                          x86_64     1.4.5-3.el6_5                         updates     136 k
 libblkid                          x86_64     2.17.2-12.14.el6_5                    updates     115 k
 libcgroup                         x86_64     0.40.rc1-5.el6_5.1                    updates     125 k
 libcom_err                        x86_64     1.41.12-18.el6                        base         37 k
 libcom_err-devel                  x86_64     1.41.12-18.el6                        base         32 k
 libcurl                           x86_64     7.19.7-37.el6_5.3                     updates     166 k
 libcurl-devel                     x86_64     7.19.7-37.el6_5.3                     updates     244 k
 libdrm                            x86_64     2.4.45-2.el6                          base        121 k
 libgcc                            x86_64     4.4.7-4.el6                           base        101 k
 libgcrypt                         x86_64     1.4.5-11.el6_4                        base        229 k
 libgcrypt-devel                   x86_64     1.4.5-11.el6_4                        base        118 k
 libgomp                           x86_64     4.4.7-4.el6                           base        118 k
 libjpeg-turbo                     x86_64     1.2.1-3.el6_5                         updates     174 k
 librsvg2                          x86_64     2.26.0-6.el6_5.3                      updates     140 k
 libselinux                        x86_64     2.0.94-5.3.el6_4.1                    base        108 k
 libselinux-devel                  x86_64     2.0.94-5.3.el6_4.1                    base        136 k
 libselinux-utils                  x86_64     2.0.94-5.3.el6_4.1                    base         81 k
 libss                             x86_64     1.41.12-18.el6                        base         41 k
 libstdc++                         x86_64     4.4.7-4.el6                           base        293 k
 libstdc++-devel                   x86_64     4.4.7-4.el6                           base        1.6 M
 libtasn1                          x86_64     2.3-6.el6_5                           updates     238 k
 libtiff                           x86_64     3.9.4-10.el6_5                        updates     343 k
 libudev                           x86_64     147-2.51.el6                          base         74 k
 libuuid                           x86_64     2.17.2-12.14.el6_5                    updates      68 k
 libxml2                           x86_64     2.7.6-14.el6_5.1                      updates     800 k
 libxml2-devel                     x86_64     2.7.6-14.el6_5.1                      updates     1.1 M
 logrotate                         x86_64     3.7.8-17.el6                          base         55 k
 lvm2                              x86_64     2.02.100-8.el6                        base        725 k
 lvm2-libs                         x86_64     2.02.100-8.el6                        base        816 k
 mdadm                             x86_64     3.2.6-7.el6_5.2                       updates     337 k
 module-init-tools                 x86_64     3.9-21.el6_4                          base        462 k
 mysql                             x86_64     5.1.73-3.el6_5                        updates     894 k
 mysql-devel                       x86_64     5.1.73-3.el6_5                        updates     129 k
 mysql-libs                        x86_64     5.1.73-3.el6_5                        updates     1.2 M
 mysql-server                      x86_64     5.1.73-3.el6_5                        updates     8.6 M
 nginx                             x86_64     1.0.15-5.el6                          epel        397 k
 nspr                              x86_64     4.10.2-1.el6_5                        updates     113 k
 nss                               x86_64     3.15.3-6.el6_5                        updates     822 k
 nss-softokn                       x86_64     3.14.3-10.el6_5                       updates     265 k
 nss-softokn-freebl                x86_64     3.14.3-10.el6_5                       updates     157 k
 nss-sysinit                       x86_64     3.15.3-6.el6_5                        updates      40 k
 nss-tools                         x86_64     3.15.3-6.el6_5                        updates     358 k
 nss-util                          x86_64     3.15.3-1.el6_5                        updates      64 k
 ntp                               x86_64     4.2.6p5-1.el6.centos                  base        592 k
 ntpdate                           x86_64     4.2.6p5-1.el6.centos                  base         75 k
 openldap                          x86_64     2.4.23-34.el6_5.1                     updates     265 k
 openssh                           x86_64     5.3p1-94.el6                          base        258 k
 openssh-clients                   x86_64     5.3p1-94.el6                          base        402 k
 openssh-server                    x86_64     5.3p1-94.el6                          base        311 k
 openssl                           x86_64     1.0.1e-16.el6_5.14                    updates     1.5 M
 openssl-devel                     x86_64     1.0.1e-16.el6_5.14                    updates     1.2 M
 pam                               x86_64     1.1.1-17.el6                          base        658 k
 perl                              x86_64     4:5.10.1-136.el6                      base         10 M
 perl-Module-Pluggable             x86_64     1:3.90-136.el6                        base         40 k
 perl-Pod-Escapes                  x86_64     1:1.04-136.el6                        base         32 k
 perl-Pod-Simple                   x86_64     1:3.13-136.el6                        base        212 k
 perl-libs                         x86_64     4:5.10.1-136.el6                      base        578 k
 perl-version                      x86_64     3:0.77-136.el6                        base         51 k
 pixman                            x86_64     0.26.2-5.1.el6_5                      updates     200 k
 policycoreutils                   x86_64     2.0.83-19.39.el6                      base        648 k
 polkit                            x86_64     0.96-5.el6_4                          base        158 k
 postfix                           x86_64     2:2.6.6-6.el6_5                       updates     2.0 M
 postgresql-libs                   x86_64     8.4.20-1.el6_5                        updates     201 k
 psmisc                            x86_64     22.6-19.el6_5                         updates      81 k
 python                            x86_64     2.6.6-52.el6                          updates      74 k
 python-libs                       x86_64     2.6.6-52.el6                          updates     5.3 M
 python-urlgrabber                 noarch     3.9.1-9.el6                           base         85 k
 rpm                               x86_64     4.8.0-37.el6                          base        901 k
 rpm-libs                          x86_64     4.8.0-37.el6                          base        313 k
 rpm-python                        x86_64     4.8.0-37.el6                          base         57 k
 rsync                             x86_64     3.0.6-9.el6_4.1                       base        334 k
 rsyslog                           x86_64     5.8.10-8.el6                          base        649 k
 ruby                              x86_64                      updates     534 k
 ruby-devel                        x86_64                      updates     314 k
 ruby-irb                          x86_64                      updates     314 k
 ruby-libs                         x86_64                      updates     1.6 M
 ruby-rdoc                         x86_64                      updates     377 k
 rubygems                          noarch     1.3.7-5.el6                           base        207 k
 selinux-policy                    noarch     3.7.19-231.el6_5.3                    updates     825 k
 selinux-policy-targeted           noarch     3.7.19-231.el6_5.3                    updates     2.8 M
 setup                             noarch     2.8.14-20.el6_4.1                     base        151 k
 sphinx                            x86_64     2.0.8-1.el6                           epel        3.3 M
 sudo                              x86_64     1.8.6p3-12.el6                        base        703 k
 sysvinit-tools                    x86_64     2.87-5.dsf.el6                        base         59 k
 tzdata                            noarch     2014d-1.el6                           updates     452 k
 udev                              x86_64     147-2.51.el6                          base        348 k
 upstart                           x86_64     0.6.5-13.el6_5.3                      updates     177 k
 util-linux-ng                     x86_64     2.17.2-12.14.el6_5                    updates     1.5 M
 wget                              x86_64     1.12-1.11.el6_5                       updates     483 k
 xfsprogs                          x86_64     3.1.1-14.el6                          base        724 k
 xinetd                            x86_64     2:2.3.14-39.el6_4                     base        121 k
 yum                               noarch     3.2.29-43.el6.centos                  updates     996 k
 yum-plugin-fastestmirror          noarch     1.1.30-17.el6_5                       updates      28 k
 yum-utils                         noarch     1.1.30-17.el6_5                       updates     102 k
Installing for dependencies:
 OpenEXR-libs                      x86_64     1.6.1-8.1.el6                         base        197 k
 ilmbase                           x86_64     1.0.1-6.1.el6                         base         72 k
 p11-kit                           x86_64     0.18.5-2.el6_5.2                      updates      94 k
 p11-kit-trust                     x86_64     0.18.5-2.el6_5.2                      updates      71 k
 shared-mime-info                  x86_64     0.70-4.el6                            base        209 k

Transaction Summary
Install       6 Package(s)
Upgrade     156 Package(s)

Not sure which boxes you updated, but it wasn't ours.

Note -> Not exactly impressed. :(

I'm kicking off the updates myself in a minute, then rebooting
the box.


Justin Clift

On 06/06/2014, at 11:38 AM, Marcin Kulik wrote:
> Thanks for heads up.
> I've updated the packages and restarted the machine.
> All services started properly.
> Regards,
> Marcin
> On Thu, Jun 5, 2014 at 5:55 PM, Justin Clift <justin at gluster.org> wrote:
>> Just a heads up in case you haven't seen it yet.  There's a _new_
>> OpenSSL vulnerability reported.  Packages for CentOS 5 & 6 have
>> been released.  (currently getting sync'd to the worldwide mirrors)
>>  http://lists.centos.org/pipermail/centos-announce/2014-June/020344.html
>>  http://lists.centos.org/pipermail/centos-announce/2014-June/020345.html
>>  http://lists.centos.org/pipermail/centos-announce/2014-June/020346.html
>> + Justin
>> On 26/05/2014, at 10:27 AM, Marcin Kulik wrote:
>>> Hi Justin,
>>> We have installed new package updates on forge.gluster.org and
>>> rebooted the machine.
>>> Updates installed:
>>> libxml2-2.7.6-14.el6_2.7.6-14.el6_5.1.x86_64.drpm
>>> libxml2-devel-2.7.6-14.el6_2.7.6-14.el6_5.1.x86_64.drpm
>>> selinux-policy-3.7.19-231.el6_5.1_3.7.19-231.el6_5.3.noarch.drpm
>>> selinux-policy-targeted-3.7.19-231.el6_5.1_3.7.19-231.el6_5.3.noarch.drpm
>>> tzdata-2014b-1.el6_2014b-3.24.el6.noarch.drpm
>>> Regards,
>>> Marcin

GlusterFS - http://www.gluster.org

An open source, distributed file system scaling to several
petabytes, and handling thousands of clients.

My personal twitter: twitter.com/realjustinclift

More information about the Gluster-infra mailing list