CentOS 5 :: Patch/security Updates For 5
Dec 2, 2009Is there a mailing list or an alert where I can subscribe to, so I know if there's critical or moderate patches I have to apply to my Centos 5 servers.
View 5 RepliesIs there a mailing list or an alert where I can subscribe to, so I know if there's critical or moderate patches I have to apply to my Centos 5 servers.
View 5 RepliesI just put the latest updates onto My CentOS 5.6 server. It started life as a 5.4 Server, then the upgrades took it to 5.6.
The latest updates did a Kernel Update and the server sent me two messages : -
-----BEGIN MESSAGE-----
[2011-06-08T12:37:17+0200] centos54.xxx.yyyyy.com
ALERT : [2011-06-08T12:37:17+0200] msg=<START>, program=<Samhain>, userid=<0>, path=</etc/samhainrc>, hash=<256A548F71A768CC1E054F0C1E90E8674D36A09BDF9E5D13>, path=</var/lib/samhain/samhain_file>,
[Code]....
So, it is my understanding that Ubuntu's automatic updates do not install ANY updates that are not "important security updates." For example, it did not upgrade me to Firefox 4 automatically; I had to do it myself (Don't all new browser versions usually contain new security features/patches? Oh well...That is a separate question entirely).
ANYWAY, is there some way to get the latest stable versions of all of my open-source software automatically (or at least all at once, on command), instead of just security updates? It seems silly to have to install new versions for every program manually.
Also, related/side question: Now that I have installed Firefox 4 myself (via apt-get by adding the mozilla-stable PPA), will I stop getting security updates for Firefox through the standard Ubuntu update manager?
Actually, a really thorough explanation of the whole automatic update system (or a link to one) would be great too.
This post concerns info found at [URL]. My question is: How do I get the patch. The author makes ref. to "his" git repo and the patch for TOR. I guess the patch allows the use of some compile time options that can harden the build. I looked through the change log of TOR and couldn't see any of the options referenced by Jacob in his post. I have read on the net that compile time hardening options are part of the gnu compiler, not the application to be compiled. Is this true?
View 5 Replies View RelatedMy system is trying to install security update, but I get the following message: A package could not that allows the task to complete.
Details are as follows:
patch:libfreebl3-2258.noarch conflicts with libfreebl3-32bit.x86_64 < 3.12.6-3.1.1 provided by libfreebl3-32bit-3.12.6-2.pm.6.2.x86_64
I have SuSE 11.2. There is a security patch for Mozilla NSS Library. However, I get told by YaST that the libfreebl3-3241.noarch conflicts with mozilla-nspr.i586. (There's also a patch for glibc but apparently, it is not "willing" to install this without installing the other patch first). Anyway, I did the following: zypper lp and then rpm -qi libfreebl3 and then zypper lr -d.
Here are the results:
Code:
zypper lp
Repository 'Updates for openSUSE 11.2-0' is out-of-date. You can run 'zypper refresh' as root to update it.
Loading repository data...
Reading installed packages.....
Code:
zypper refresh
Repository '11.2' is up to date.
Repository 'Education' is up to date.
Repository 'Printing' is up to date.
Retrieving repository 'games' metadata [done]
Building repository 'games' cache [done]
Retrieving repository 'Updates for openSUSE 11.2-0' metadata [done]
Building repository 'Updates for openSUSE 11.2-0' cache [done]
Repository 'mozilla/openSUSE_11.2' is up to date.
Repository 'openSUSE-11.2-Non-Oss' is up to date.
Repository 'openSUSE-11.2-Oss' is up to date.
All repositories have been refreshed. I don't know what to do. In order to update FireFox, (on Aug 1, 2010) I had to do as posted in this thread: (instructions by caf4926) Updating firefox. So, I followed these directions: ImageBam - Fast, Free Image Hosting and Photo Sharing. Now what do I do?
Does anyone know if this kernel patch has been applied to any 11.04 kernels? [URL]
View 5 Replies View RelatedThis may be a stupid (?) question, but does any one know of a patch for sudo that allows the sudoers information to be pulled from mySQL?
I run multiple servers with multiple people working on them and would like a one-stop update of permissions.
Yes, I could use rsync or the like, but I'm just wondering if this has been done, or could be done.
(Sorry if this is the wrong forum, I'm kinda new around here, posting wise and this seemed to fit. Feel free to move it if it's not)
So yesterday I receive a copy of the SANS @RISK security vulnerability newsletter, and, lo and behold, Mozilla's Firefox and Thunderbird are on it yet again. (Yeah, I know, shocking, isn't it?)So I quickly check what versions I have installed. Yup: Vulnerable.I check whether updates are available.These are pretty serious "remote code execution" vulnerabilities and the status is "vendor confirmed, updates available." So why isn't my 9.10 desktop's update manager telling me updates are available?
View 9 Replies View RelatedI'm new to server admin, so my question is based on what may be a bad assumption. With a server, my assumption is "if it ain't broke, don't fix it". In other words, I'm not really interested in upgrading the software to the latest and greatest if I already have stuff working on the server.
However, the one place where I DO want to constantly have upgrades is for security patches. How do I apply security updates to Ubuntu Server... and ONLY security updates?
With an Ubuntu 10.10 upgraded from 10.04, under Software Sources, Updates, there is a radio button marked "Install security updates without confirmation." I have this radio button marked, but still get "Important security updates" almost daily in my update manager. I don't remember this feature actually ever working.
View 9 Replies View RelatedIs there a way to to check if the system has the available security updates installed? Specifically, I am looking to do this programmatically.
View 1 Replies View RelatedI'm running CentOS 5.4 and noticed that for the past month there haven't been any new updates showing up either on 'yum check-update' or 'yum update' (I'm interested in basic and security updates). Although this may be right, I wonder if there is an online reference where I can check the updates that are released for CentOS (security bulletins) and make sure if there is anything wrong with my update system.
View 11 Replies View RelatedI just want to upgrade my Slackware 13.1 kernel (2.6.33.4) to the latest stable kernel from kernel.org (2.6.38.2). I have never done anything like this and I am a Linux newbie, so I would appreciate a "Kernel Patching for Dummies" version if possible. I did do a search on this forum and most of what I read was over my head. I found an FAQ on kernelnewbies.org on "How To Apply A Patch" but when I attempted what they suggested, it said it couldn't find the file to patch at line 5 and asked me which file to patch. So I CTRL-Z'd out of there and came here. Here's what I tried:
[code]...
When booting up the system I noticed that there is a statement of a CPUid patch listed as systems boots.
View 1 Replies View RelatedDoes anyone know when we'll see Firefox 3.0.19 packaged for 8.04 LTS? I'm still stuck at 3.0.18. And what will happen after this? My understanding is that after .19 Mozilla is dropping support for FF 3.0.
Upgrade policies not withstanding, I find it rather annoying when an "LTS" release doesn't keep up with the most security-critical package in the distro, the browser. 8.04 LTS should have moved to FF 3.5+ a *long* time ago. Now it seems it will be forced to do so or else just forget about browser updates for the last year of 8.04?
I know I can install the current Firefox with ubuntuzilla, I just keep wishing Ubuntu would do it for me.
A site -- to -- site vpn need NAT-T . But I don't know whether the Centos_5.2 support that function default, or I have to patch it by myself.If I should patch it all by myself, How to do it ? VPN suite: OPENSWAN KERNEL version : 2.6.18-92.1.22.el5 i686
View 1 Replies View RelatedI have this project at work. We are a MS Windows shop, and I am "supposed" to be the linux expert, which means, linux support, it's me. I have worked with linux maintaining PCs at home with different versions of linux since 1995, jumping from Slackware to Ubuntu.
Now, I have two CentOS 5.6 boxes, and I need to control the patching process. the boxes are hosting an application which we don't manage. So. one box in production, one box in development. The idea is that the box in development wil use yum in a standard way and download whatever patches are needed, and the application is tested. When the testing is done (this can take minutes, hours, or days) then the production box gets patched.
The problem is that I need to garantee that exactly the same patches are applied in development and in production.
the development box downloads the patches from the internet, but the production box gets it's patches from the development box, not the internet. I have played around with making local repos on the development box and samba, or rsync the /var/yum/cache, and to change the yum.repo.d CentOS-base.repo to force the prod to go to the dev box, without success.
From last few days i stuck with error in installing CentOS 5.5 ISO using USB stick, I have customized ISO from cent os tree 5.5 and update.(customization with respect to the package removing like openoffice, X-window, Gnome ...)
Here are some details
anaconda : anaconda-11.1.2.209-1.el5.centos
kernel : kernel-2.6.18-194.26.1.el5
I am using MySQL 5.0.77 Version rpm on CentOS 5 Red Hat Linux. I want to install micro second slow query log patch on this MySQL S/W version.As I found the slow query micro second patch on percona site i.e. [URL]step by step to install above mentioned patch with rpm based MySQL installation? Do we need MySQL source files to apply patch ?
View 13 Replies View RelatedI'm trying to recompile racoon with libradius support however I'm having issues getting it to play nicely. It appears racoon uses the following implementation of tacacs+libradius [URL] however I'm having trouble compiling it:With a base configure and make I'm receiving the following:
[code]....
I'm trying to recompile racoon with libradius support however I'm having issues getting it to play nicely. It appears racoon uses the following implementation of tacacs+libradius [URL] however I'm having trouble compiling it: With a base configure and make I'm receiving the following:
[Code]...
is there a way to remove a patch from a kernel?
I need to apply a squashfs-lzma patch (squashfs 4.1cvs) to the liquorix kernel source which is already patched with squashfs 4.0.
how would I do that?I tried googling got this. url
but I dont know the command used to apply the patch the patch is called
35.4-3.patch.gz
url
but that patch includes more than squashfs,etc
In general CentOS search automatically after startup for available software updates.Then after some (~20-30) minutes an icon appears in the toolbar which the user can click and install the updates.How can I manually speed up/trigger IMMEDIATELY the search for updates (without waiting for the built-in search)?
View 3 Replies View RelatedI'm trying to install a patch but when I copy it into terminal I get message " /home/john/patch-modules_v62-opensuse.sh 'vmware-7.1.3-2.6.37-rc5.patch' not found. copy it to the current '/home/john' directory. Exiting" But I have it in my home directory!
View 3 Replies View RelatedThere have been no updates recently (for almost two months) on any of my CentOS 5.5 boxes when I run 'yum check-update'. I may be misunderstanding the repo setup, but looking at the file mod dates, it seems that there hasn't been an update since 2011-01-06:[URL]...Meanwhile, a prominent North American Enterprise Linux vendor has had multiple security and bug fixes since then:[URl]...Is CentOS 5.5 still getting updated, or am I missing something (quite possible).
View 12 Replies View RelatedAfter doing an update a couple of days ago (had previously upgraded to 5.6), the font size in firefox (file forward reload, etc), terminal and the panel (using xfce) are significately smaller. Searching the web, mail lists and the forums have not resulted in finding anyone else with this problem. I did notice that glibc has a bug that is currently being worked on at Redhat but it is unclear if the font problem I am seeing is related. Note also, that the initial upgrade to Centos 5.6 was successful.
View 8 Replies View RelatedI recently reported a bug in a package, which was fixed upstream and in the Debian package, but the bug was not security-related. The Debian settings on all of the computers is set to receive only the security updates. The other setting for proposed updates, is currently not enabled
Must Proposed Updates be enabled, in order to receive the non-security updates, including the update to the package in question?
Just a week or so back when i run update manager I can no longer install any security updates - its all grey in the tick boxes.
How do I remedy this ?
What is the easiest and proper way to get security updates for slackware.
View 13 Replies View Related