Re: is it possible to update kernel on out-of-data SL5?
On Jun 22, 2017, at 00:07 , WILLIAM J LUTTER wrote: > Recently there has been the "stack-clash" exploit that impacts several OS > including linux > > (CVE-2017-1000364). Unfortunately, I maintain several old SL5 PCs. For > instance, one of them is 5.7 with a 2.6.18-419 kernel. Which until a couple of weeks ago was ok (if you subscribe to TUV's point of view regarding urgency/criticality of fixes), thanks to SL allowing "sitting on a release". > I suppose that kernels for SL/Centos/Redhat kernels that would be compatible > with say SL5.7 are not maintained, so when exploits get too bad, then time to > install SL7? Well, if 10 years of SL5 life weren't sufficient, you can purchase a RHEL subscription plus ELS add-on for each of your legacy systems, which would buy you three more years. AFAIK Oracle claims to support its products (including their RHEL clone) "forever" if you just have the money. > Are there kernels that are kept up to date that could be installed for older > SL5 via rpmfind or some such repo/download site? It should still be possible to run SL5 with a mainline kernel. ELRepo used to maintain such kernels, readily packaged for EL, but I'm not sure whether they still do for EL5. Probably not. Note that the kernel change is only part of the solution for the "stack clash" issue. It won't help much without the corresponding glibc changes. "Containers" may come to the rescue. If your users still requiring an EL5 environment would get along with an EL5 Singularity container, that would work around the issue. -- Stephan Wiesand DESY -DV- Platanenenallee 6 15738 Zeuthen, Germany
Re: is it possible to update kernel on out-of-data SL5?
Not trustworthy ones On Jun 21, 2017 6:08 PM, "WILLIAM J LUTTER"wrote: > Recently there has been the "stack-clash" exploit that impacts several OS > including linux > > (CVE-2017-1000364). Unfortunately, I maintain several old SL5 PCs. For > instance, one of them is 5.7 with a 2.6.18-419 kernel. > > > I suppose that kernels for SL/Centos/Redhat kernels that would be > compatible with say SL5.7 are not maintained, so when exploits get too bad, > then time to install SL7? > > > Are there kernels that are kept up to date that could be installed for > older SL5 via rpmfind or some such repo/download site? > > > Bill Lutter >
is it possible to update kernel on out-of-data SL5?
Recently there has been the "stack-clash" exploit that impacts several OS including linux (CVE-2017-1000364). Unfortunately, I maintain several old SL5 PCs. For instance, one of them is 5.7 with a 2.6.18-419 kernel. I suppose that kernels for SL/Centos/Redhat kernels that would be compatible with say SL5.7 are not maintained, so when exploits get too bad, then time to install SL7? Are there kernels that are kept up to date that could be installed for older SL5 via rpmfind or some such repo/download site? Bill Lutter
Re: Security ERRATA Important: kernel on SL6.x i386/x86_64
This particular email was sent to the errata list, but the reply-to header is set to the users lists... On 06/21/2017 02:47 AM, Bill Maidment wrote: Aha. Thanks for that. How many mailing lists do we need??? I got confused (not difficult at my age) as the response came on the User list. Anyway, I echo the response. The team always seems to be on top of security issues. Thank you (and the community) for being so friendly and helpful. Cheers Bill -Original message- From:Hans Kristian RosbachSent: Wednesday 21st June 2017 17:30 To: Bill Maidment ; scientific-linux-us...@listserv.fnal.gov Subject: Re: Security ERRATA Important: kernel on SL6.x i386/x86_64 I think that mail came from the scientific-linux-err...@listserv.fnal.gov list, so you might have been removed from that list for some reason, but not from the users list for example. -- Hans Kristian Rosbach Servebolt.com / Raske Sider On 06/21/2017 12:41 AM, Bill Maidment wrote: Hi. Is there something wrong with this mailing list? I received this response, but I never received the original message. This is not the first time I have noticed this. Cheers Bill -Original message- From:Stephan Wiesand Sent: Wednesday 21st June 2017 2:58 To: scientific-linux-us...@listserv.fnal.gov Subject: Re: Security ERRATA Important: kernel on SL6.x i386/x86_64 Kudos to the SL team at FNAL for once again getting the updates for a really nasty issue out incredibly quickly. Impressive. -- Stephan Wiesand DESY -DV- Platanenenallee 6 15738 Zeuthen, Germany
RE: Security ERRATA Important: kernel on SL6.x i386/x86_64
Aha. Thanks for that. How many mailing lists do we need??? I got confused (not difficult at my age) as the response came on the User list. Anyway, I echo the response. The team always seems to be on top of security issues. Thank you (and the community) for being so friendly and helpful. Cheers Bill -Original message- > From:Hans Kristian Rosbach> Sent: Wednesday 21st June 2017 17:30 > To: Bill Maidment ; scientific-linux-us...@listserv.fnal.gov > Subject: Re: Security ERRATA Important: kernel on SL6.x i386/x86_64 > > I think that mail came from the > scientific-linux-err...@listserv.fnal.gov list, so you might > have been removed from that list for some reason, but not from the users > list for example. > > -- > Hans Kristian Rosbach > Servebolt.com / Raske Sider > > On 06/21/2017 12:41 AM, Bill Maidment wrote: > > Hi. Is there something wrong with this mailing list? I received this > > response, but I never received the original message. This is not the first > > time I have noticed this. > > Cheers > > Bill > > > > > > -Original message- > >> From:Stephan Wiesand > >> Sent: Wednesday 21st June 2017 2:58 > >> To: scientific-linux-us...@listserv.fnal.gov > >> Subject: Re: Security ERRATA Important: kernel on SL6.x i386/x86_64 > >> > >> Kudos to the SL team at FNAL for once again getting the updates for a > >> really nasty issue out incredibly quickly. Impressive. > >> > >> -- > >> Stephan Wiesand > >> DESY -DV- > >> Platanenenallee 6 > >> 15738 Zeuthen, Germany > >> > >> > >
Re: Security ERRATA Important: kernel on SL6.x i386/x86_64
I think that mail came from the scientific-linux-err...@listserv.fnal.gov list, so you might have been removed from that list for some reason, but not from the users list for example. -- Hans Kristian Rosbach Servebolt.com / Raske Sider On 06/21/2017 12:41 AM, Bill Maidment wrote: Hi. Is there something wrong with this mailing list? I received this response, but I never received the original message. This is not the first time I have noticed this. Cheers Bill -Original message- From:Stephan WiesandSent: Wednesday 21st June 2017 2:58 To: scientific-linux-us...@listserv.fnal.gov Subject: Re: Security ERRATA Important: kernel on SL6.x i386/x86_64 Kudos to the SL team at FNAL for once again getting the updates for a really nasty issue out incredibly quickly. Impressive. -- Stephan Wiesand DESY -DV- Platanenenallee 6 15738 Zeuthen, Germany