[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [atomic-devel] Major image push for glibc?

On 19/02/16 17:14, Josh Berkus wrote:
> Folks,
> Given the glibc exploit, it seems like we're going to need to push new
> images across all Atomic projects which distribute images, no?
> What all does this consist of?  ADB, the various Atomic Hosts (which
> presumably will be taken care of by their respective RelEng teams),
> anything else?

the ADB Box already includes the updated glibc, the build ran a few
minutes after the update got released.

yum install centos-release-scl
yum install sclo-vagrant1 ; scl enable sclo-vagrant1 /bin/bash
vagrant init projectatomic/adb
vagrant up
vagrant ssh -c "rpm -q glibc --changelog | grep -i cve-2015-7547"
  CVE-2015-7547 fix (#1296030).
- Fix CVE-2015-7547: getaddrinfo() stack-based buffer overflow (#1296030).
Connection to closed.

for the CentOS Atomic Host, we are going to look at rolling in the next
update set from upstream ( including etcd/ flannel / kubernetes etc )
and get an image out in the coming days. This will likely become our Feb
2016 build ( we aim to get one every month ).


Karanbir Singh
+44-207-0999389 | http://www.karan.org/ | twitter.com/kbsingh
GnuPG Key : http://www.karan.org/publickey.asc

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]