Dirty COW exploit patch
Re: Dirty COW exploit patch
Now that Red Hat has patched for Dirty Cow how long does the typically take to flow through CentOS before we get the updated kernel?
Re: Dirty COW exploit patch
It's already there. Run yum update and you should see kernel-3.10.0-327.36.3.el7 and if not, run yum clean all and then try again.
The future appears to be RHEL or Debian. I think I'm going Debian.
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke
Re: Dirty COW exploit patch
that did it, thank youTrevorH wrote:It's already there. Run yum update and you should see kernel-3.10.0-327.36.3.el7 and if not, run yum clean all and then try again.
-
- Posts: 6
- Joined: 2016/10/24 14:44:05
Re: Dirty COW exploit patch
after I do a yum clean all and then a yum -v info kernel it doesn't show the latest kernel update:
What should I do to get the kernel update that resolves this vulnerability?
Code: Select all
Available Packages
Name : kernel
Arch : x86_64
Version : 3.10.0
Release : 327.36.2.el7
Size : 33 M
Repo : updates/7/x86_64
Committer : CentOS Sources <bugs@centos.org>
Committime : Mon Oct 10 06:00:00 2016
Buildtime : Mon Oct 10 17:53:54 2016
Summary : The Linux kernel
URL : http://www.kernel.org/
License : GPLv2
Description : The kernel package contains the Linux kernel (vmlinuz), the core of any
: Linux operating system. The kernel handles the basic functions
: of the operating system: memory allocation, process allocation, device
: input and output, etc.
Re: Dirty COW exploit patch
Have you hardcoded some specific mirror with baseurl= in your /etc/yum.repos.d/CentOS-Base.repo file (updates section), or do you use the default mirrorlist=http://mirrorlist.centos.org/... configuration?
Perhaps the mirror where you get your updates hasn't synced the new files yet. There is a timestamp.txt file in the mirror's root directory which shows the latest time the data was synced.
Also make sure your updates repository is enabled. Some people disable it for some bizarre reason. You can check that with yum repolist.
Perhaps the mirror where you get your updates hasn't synced the new files yet. There is a timestamp.txt file in the mirror's root directory which shows the latest time the data was synced.
Also make sure your updates repository is enabled. Some people disable it for some bizarre reason. You can check that with yum repolist.
-
- Posts: 6
- Joined: 2016/10/24 14:44:05
Re: Dirty COW exploit patch
Thanks, I've checked everything that you recommended...here's the results:
from my CentOS-Base.repo file:
my mirror's timestamp shows that it was updated recently: http://muug.ca/mirror/centos/timestamp.txt
yum -v repolist shows this:
According to repo-expire, it should have picked up the latest kernel update since the timestamp on the kernel update was this morning.
Any ideas?
from my CentOS-Base.repo file:
Code: Select all
#released updates
[updates]
name=CentOS-$releasever - Updates
mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=updates&infra=$infra
#baseurl=http://mirror.centos.org/centos/$releasever/updates/$basearch/
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7
yum -v repolist shows this:
Code: Select all
Repo-id : updates/7/x86_64
Repo-name : CentOS-7 - Updates
Repo-revision: 1477086195
Repo-updated : Fri Oct 21 15:48:38 2016
Repo-pkgs : 2,548
Repo-size : 7.3 G
Repo-mirrors : http://mirrorlist.centos.org/?release=7&arch=x86_64&repo=updates&infra=stock
Repo-baseurl : http://muug.ca/mirror/centos/7.2.1511/updates/x86_64/ (9 more)
Repo-expire : 21,600 second(s) (last: Tue Oct 25 15:30:16 2016)
Repo-filename: /etc/yum.repos.d/CentOS-Base.repo
Any ideas?
Re: Dirty COW exploit patch
Yes, that mirror seems to be OK. Perhaps it's time to use a bigger hammer.. Try rm -rf /var/cache/yum/x86_64/7/updates
-
- Posts: 6
- Joined: 2016/10/24 14:44:05
Re: Dirty COW exploit patch
ran it...still no change:
yum -v info kernel
yum -v info kernel
Code: Select all
Loading "fastestmirror" plugin
Config time: 0.017
Yum version: 3.4.3
rpmdb time: 0.000
Setting up Package Sacks
updates | 3.4 kB 00:00:00
updates/7/x86_64/primary_db | 8.4 MB 00:00:02
Loading mirror speeds from cached hostfile
* base: centos.mirror.iweb.ca
* extras: muug.ca
* updates: muug.ca
pkgsack time: 6.245
...
Available Packages
Name : kernel
Arch : x86_64
Version : 3.10.0
Release : 327.36.2.el7
Size : 33 M
Repo : updates/7/x86_64
updates/7/x86_64/other_db | 73 MB 00:00:30
Committer : CentOS Sources <bugs@centos.org>
Committime : Mon Oct 10 06:00:00 2016
Buildtime : Mon Oct 10 17:53:54 2016
Summary : The Linux kernel
URL : http://www.kernel.org/
License : GPLv2
Description : The kernel package contains the Linux kernel (vmlinuz), the core of any
: Linux operating system. The kernel handles the basic functions
: of the operating system: memory allocation, process allocation, device
: input and output, etc.
Re: Dirty COW exploit patch
What does rpm -q kernel say?
The future appears to be RHEL or Debian. I think I'm going Debian.
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke