[prev in list] [next in list] [prev in thread] [next in thread]
List: npaci-rocks-discussion
Subject: [Rocks-Discuss] GHOST Critical Centos Update
From: James Rudd <james.rudd () gmail ! com>
Date: 2015-01-28 8:18:37
Message-ID: CANhvMXO3Bxc-ePteC8zPNmLUPTL1qz1XCss+kkvbmqF30HLRCw () mail ! gmail ! com
[Download RAW message or body]
Most of you would be aware of the recently announced vulnerability in glibc.
http://www.zdnet.com/article/critical-linux-security-hole-found/
http://ma.ttias.be/critical-glibc-update-cve-2015-0235-gethostbyname-calls/
Rocks Centos is vulnerable to privilege escalation from local users, and
any services you have open in your firewall (e.g. mail).
For those interested these are the commands I used for patching our Rocks
6.1 system. For 6.1.1 just change the RPM directory. These are based on the
BASH patching commands used in the past.
yumdownloader --enablerepo=updates,base \
--destdir=/export/rocks/install/contrib/6.1/x86_64/RPMS/ glibc\* nscd
cd /export/rocks/install
rocks create distro
rocks run host frontend "yum clean all; yum -y update glibc\* nscd"
rocks run host login "yum clean all; yum -y update glibc\* nscd"
rocks run host compute "yum clean all; yum -y update glibc\* nscd"
rocks run host nas "yum clean all; yum -y update glibc\* nscd"
Hope this is useful to others.
Cheers,
James
James Rudd
http://jrudd.org/
---------------------
HPC Cluster Administrator
Centre of Excellence for Silicon Photovoltaics and Photonics
University of New South Wales
Sydney NSW 2052
AUSTRALIA
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.sdsc.edu/pipermail/npaci-rocks-discussion/attachments/20150128/d630baea/attachment.html \
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic