[CentOS] CentOS-announce Digest, Vol 155, Issue 6

2018-01-25 Thread centos-announce-request 
Send CentOS-announce mailing list submissions to
centos-annou...@centos.org

To subscribe or unsubscribe via the World Wide Web, visit
https://lists.centos.org/mailman/listinfo/centos-announce
or, via email, send a message with subject or body 'help' to
centos-announce-requ...@centos.org

You can reach the person managing the list at
centos-announce-ow...@centos.org

When replying, please edit your Subject line so it is more specific
than "Re: Contents of CentOS-announce digest..."


Today's Topics:

   1. CESA-2018:0122 Critical CentOS 6 firefox Security Update
  (Johnny Hughes)
   2. CESA-2018:0122 Critical CentOS 7 firefox Security Update
  (Johnny Hughes)


--

Message: 1
Date: Thu, 25 Jan 2018 06:37:52 +
From: Johnny Hughes 
To: centos-annou...@centos.org
Subject: [CentOS-announce] CESA-2018:0122 Critical CentOS 6 firefox
SecurityUpdate
Message-ID: <20180125063752.ga43...@n04.lon1.karan.org>
Content-Type: text/plain; charset=us-ascii


CentOS Errata and Security Advisory 2018:0122 Critical

Upstream details at : https://access.redhat.com/errata/RHSA-2018:0122

The following updated files have been uploaded and are currently 
syncing to the mirrors: ( sha256sum Filename ) 

i386:
d520a5bd34e9120d6dd1a7ca2b1dee170a068b7f4716a0907a5f22a2afeed278  
firefox-52.6.0-1.el6.centos.i686.rpm

x86_64:
d520a5bd34e9120d6dd1a7ca2b1dee170a068b7f4716a0907a5f22a2afeed278  
firefox-52.6.0-1.el6.centos.i686.rpm
d8ae79c414c058f9a537e3603cf14ebddb1460409ea4d9f86a1a859141e6f758  
firefox-52.6.0-1.el6.centos.x86_64.rpm

Source:
92630fb0ed3e4b689e50984fbbc2f56ce5113bb71a05e3d3a68c1e41812d01b6  
firefox-52.6.0-1.el6.centos.src.rpm



-- 
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #cen...@irc.freenode.net
Twitter: @JohnnyCentOS



--

Message: 2
Date: Thu, 25 Jan 2018 06:38:48 +
From: Johnny Hughes 
To: centos-annou...@centos.org
Subject: [CentOS-announce] CESA-2018:0122 Critical CentOS 7 firefox
SecurityUpdate
Message-ID: <20180125063848.ga43...@n04.lon1.karan.org>
Content-Type: text/plain; charset=us-ascii


CentOS Errata and Security Advisory 2018:0122 Critical

Upstream details at : https://access.redhat.com/errata/RHSA-2018:0122

The following updated files have been uploaded and are currently 
syncing to the mirrors: ( sha256sum Filename ) 

x86_64:
4f1ba783a633e72e1a59563f0075d9465b72dc3a21fc5d04942a3523f457edb2  
firefox-52.6.0-1.el7.centos.i686.rpm
e6b21655697ab4ff74a38167c34a7b39da40425e4186e9b43c4c3ee930217022  
firefox-52.6.0-1.el7.centos.x86_64.rpm

Source:
31ea583f73f9589e54dc59865507acd8a8af28ad32bb78a634ad9b0e9559a359  
firefox-52.6.0-1.el7.centos.src.rpm



-- 
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #cen...@irc.freenode.net
Twitter: @JohnnyCentOS



--

Subject: Digest Footer

___
CentOS-announce mailing list
centos-annou...@centos.org
https://lists.centos.org/mailman/listinfo/centos-announce


--

End of CentOS-announce Digest, Vol 155, Issue 6
***
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

[CentOS] yum update gitlab-ci-multi-runner

2018-01-25 Thread Helmut Drodofsky 

I'm doing
yum update
in CentOS 7 since some 10 hours.

Last terminal message is:
Updating   : gitlab-ci-multi-runner-9.5.1-1.x86_64

ps aux:
root 15296  0.3  2.5 1554608 204988 pts/0  S+   06:23   2:01 
/usr/bin/python /bin/yum update


to kill yum is not a good idea. Alternative?

for what is yum waiting? can I stop an application process?

systemctl stop gitlab-runner does not help, same with giltlab-ctl stop

best regards

--
Viele Grüße
Helmut Drodofsky

Internet XS Service GmbH
Heßbrühlstraße 15
70565 Stuttgart

Geschäftsführung
Helmut Drodofsky
HRB 21091 Stuttgart
USt.ID: DE190582774
Fon: 0711 781941 0 
Fax: 0711 781941 79
Mail: i...@internet-xs.de
www.internet-xs.de
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

[CentOS] Latest CVE's For MySQL

2018-01-25 Thread Paul E. Virgo 
Looks like a series of vulnerability alerts for Oracle MySQL have been 
issued: CVE-2018-2562, CVE-2018-2647 (both high), CVE-2018-2645, 
CVE-2018-2646, CVE-2018-2665 (all three medium). This affects versions 
5.7.20 and prior. I know CentOS/RedHat usually do backports--anybody 
know if this is the case, or do we have to go 'outside' now, and get the 
MySQL repository to use, for the latest and greatest?


PEV

--
Paul E Virgo
Sr. System Administrator
Code 610.2
SESDA III - DAAC/DISC
Goddard Space Flight Ctr/NASA
Greenbelt, MD
Greenbelt, MD 20771
(301) 614-5751

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Latest CVE's For MySQL

2018-01-25 Thread Johnny Hughes 
On 01/25/2018 09:58 AM, Paul E. Virgo wrote:
> Looks like a series of vulnerability alerts for Oracle MySQL have been
> issued: CVE-2018-2562, CVE-2018-2647 (both high), CVE-2018-2645,
> CVE-2018-2646, CVE-2018-2665 (all three medium). This affects versions
> 5.7.20 and prior. I know CentOS/RedHat usually do backports--anybody
> know if this is the case, or do we have to go 'outside' now, and get the
> MySQL repository to use, for the latest and greatest?
> 
> PEV
> 

Red Hat no longer uses mysql in EL7 .. it uses mariadb.

They will backport any security updates for the mysql in EL6.



signature.asc
Description: OpenPGP digital signature
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Latest CVE's For MySQL

2018-01-25 Thread Paul E. Virgo 

Johnny,

Thanks. I needed this to present as 'ammo' for not using a 3rd-party 
MySQL repo to address these security issues.


PEV


On 01/25/2018 11:03 AM, Johnny Hughes wrote:

On 01/25/2018 09:58 AM, Paul E. Virgo wrote:

Looks like a series of vulnerability alerts for Oracle MySQL have been
issued: CVE-2018-2562, CVE-2018-2647 (both high), CVE-2018-2645,
CVE-2018-2646, CVE-2018-2665 (all three medium). This affects versions
5.7.20 and prior. I know CentOS/RedHat usually do backports--anybody
know if this is the case, or do we have to go 'outside' now, and get the
MySQL repository to use, for the latest and greatest?

PEV


Red Hat no longer uses mysql in EL7 .. it uses mariadb.

They will backport any security updates for the mysql in EL6.



--
Paul E Virgo
Sr. System Administrator
Code 610.2
SESDA III - DAAC/DISC
Goddard Space Flight Ctr/NASA
Greenbelt, MD
Greenbelt, MD 20771
(301) 614-5751

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] /lib/firmware/microcode.dat update on CentOS 6

2018-01-25 Thread Robert Arkiletian 
On Wed, Jan 24, 2018 at 4:41 PM, Leon Fauster
 wrote:
...
>
> Comparing microcode-20171117 with microcode-20180108 shows that
> from the 94 ucode files only 19 where updated
>
> $ diff -r --brief microcode-20171117 microcode-20180108
> Files microcode-20171117/intel-ucode/06-3c-03 and 
> microcode-20180108/intel-ucode/06-3c-03 differ
> Files microcode-20171117/intel-ucode/06-3d-04 and 
> microcode-20180108/intel-ucode/06-3d-04 differ
> Files microcode-20171117/intel-ucode/06-3e-04 and 
> microcode-20180108/intel-ucode/06-3e-04 differ
> Files microcode-20171117/intel-ucode/06-3f-02 and 
> microcode-20180108/intel-ucode/06-3f-02 differ
> Files microcode-20171117/intel-ucode/06-3f-04 and 
> microcode-20180108/intel-ucode/06-3f-04 differ
> Files microcode-20171117/intel-ucode/06-45-01 and 
> microcode-20180108/intel-ucode/06-45-01 differ
> Files microcode-20171117/intel-ucode/06-46-01 and 
> microcode-20180108/intel-ucode/06-46-01 differ
> Files microcode-20171117/intel-ucode/06-47-01 and 
> microcode-20180108/intel-ucode/06-47-01 differ
> Files microcode-20171117/intel-ucode/06-4e-03 and 
> microcode-20180108/intel-ucode/06-4e-03 differ
> Files microcode-20171117/intel-ucode/06-55-04 and 
> microcode-20180108/intel-ucode/06-55-04 differ
> Files microcode-20171117/intel-ucode/06-56-02 and 
> microcode-20180108/intel-ucode/06-56-02 differ
> Files microcode-20171117/intel-ucode/06-56-03 and 
> microcode-20180108/intel-ucode/06-56-03 differ
> Files microcode-20171117/intel-ucode/06-5e-03 and 
> microcode-20180108/intel-ucode/06-5e-03 differ
> Files microcode-20171117/intel-ucode/06-7a-01 and 
> microcode-20180108/intel-ucode/06-7a-01 differ
> Files microcode-20171117/intel-ucode/06-8e-09 and 
> microcode-20180108/intel-ucode/06-8e-09 differ
> Files microcode-20171117/intel-ucode/06-8e-0a and 
> microcode-20180108/intel-ucode/06-8e-0a differ
> Files microcode-20171117/intel-ucode/06-9e-09 and 
> microcode-20180108/intel-ucode/06-9e-09 differ
> Files microcode-20171117/intel-ucode/06-9e-0a and 
> microcode-20180108/intel-ucode/06-9e-0a differ
> Files microcode-20171117/intel-ucode/06-9e-0b and 
> microcode-20180108/intel-ucode/06-9e-0b differ
> Files microcode-20171117/microcode.dat and microcode-20180108/microcode.dat 
> differ
> Files microcode-20171117/releasenote and microcode-20180108/releasenote differ
>
>
> Microcode ID?
>
> $ awk '/cpu family/||/model\t/||/stepping/' /proc/cpuinfo |sort |uniq
>
> and convert it into hex
>

Thanks for this info Leon. Very helpful. I was trying to figure this
out. Intel should make this clear on their microcode download page.
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos