Can we expect an armv7hl kernel update to address CVE-2016-5195?
On Friday, 21 October, 2016 21:24 CEST, Ian Pilcher arequipeno@gmail.com wrote:
Can we expect an armv7hl kernel update to address CVE-2016-5195?
For redsleeve (rebuild redhat/centos for armv5) I just made updated kernels for the raspberrypi. the source rpm should be similar for me and for armv7.
I attached my spec file to this mail.
Jacco
At 02:26 PM 10/21/2016, you wrote:
content-type: text/plain; charset=utf-8 content-length: 376
On Friday, 21 October, 2016 21:24 CEST, Ian Pilcher arequipeno@gmail.com wrote:
Can we expect an armv7hl kernel update to address CVE-2016-5195?
For redsleeve (rebuild redhat/centos for armv5) I just made updated kernels for the raspberrypi. the source rpm should be similar for me and for armv7.
I attached my spec file to this mail.
Jacco
Does this mean that raspi2-redsleeve7.2-cli-0.5.img is no longer the "best" image file?
If so, a pointer to its replacement would be greatly appreciated, since tomoorw I'm going to install on Rpi3.
David Kurn
On 10/21/16 23:36, david wrote:
At 02:26 PM 10/21/2016, you wrote:
content-type: text/plain; charset=utf-8 content-length: 376
On Friday, 21 October, 2016 21:24 CEST, Ian Pilcher arequipeno@gmail.com wrote:
Can we expect an armv7hl kernel update to address CVE-2016-5195?
For redsleeve (rebuild redhat/centos for armv5) I just made updated kernels for the raspberrypi. the source rpm should be similar for me and for armv7.
I attached my spec file to this mail.
Jacco
Does this mean that raspi2-redsleeve7.2-cli-0.5.img is no longer the "best" image file?
If so, a pointer to its replacement would be greatly appreciated, since tomoorw I'm going to install on Rpi3.
Well, I was not planning on updating the image each and every time there is a new package out for something that is in the image. So yes, that is still the latest image. The only thing you need to do is a 'yum update' after install.
Jacco
At 02:54 PM 10/21/2016, you wrote:
On 10/21/16 23:36, david wrote:
At 02:26 PM 10/21/2016, you wrote:
content-type: text/plain; charset=utf-8 content-length: 376
On Friday, 21 October, 2016 21:24 CEST, Ian Pilcher arequipeno@gmail.com wrote:
Can we expect an armv7hl kernel update to address CVE-2016-5195?
For redsleeve (rebuild redhat/centos for armv5) I just made updated kernels for the raspberrypi. the source rpm should be similar for me and for armv7.
I attached my spec file to this mail.
Jacco
Does this mean that raspi2-redsleeve7.2-cli-0.5.img is no longer the "best" image file?
If so, a pointer to its replacement would be greatly appreciated, since tomoorw I'm going to install on Rpi3.
Well, I was not planning on updating the image each and every time there is a new package out for something that is in the image. So yes, that is still the latest image. The only thing you need to do is a 'yum update' after install.
Jacco
That's a good policy. The image should only be updated if "yum update" is insufficient. And thanks for the prompt response. David Kurn
I just ran throught the process of updating from kernel 4.2.3-200 to 4.4.26-201 on my Banana Pi. Below are a few issues that I encountered.
* The /boot partition is really small, small enough that trying to install a single kernel update with yum will fail.
* In large part, this is due to the fact that several (apparently) U-Boot-related files get created in /boot:
- uImage - uImage-$(uname -r) - uInitrd - uInitrd-$(uname -r)
As far as I can tell, these files are not actually used by the boot process on the Banana Pi, but they consume 77MB of the 330MB partition.
* During the update process, grubby does not update extlinux.conf. It has to be manually updated in order to boot the new kernel.
(In combination with the previous issue, this makes me suspect that grubby is getting confused and attempting to update a U-Boot configuration, rather than the extlinux configuration.)
* For some reason, the kernel RPM has a dependency on xorg-x11-drv-vmmouse. This was provided by kernel-core-4.4.12-301, but it moved to kernel-headers in subsequent releases. As a result, a simple "yum update" from 4.2.3-200 to 4.4.26-201 will also attempt to install 4.4.12-301 to satisfy this dependency.
On 21/10/16 23:26, Jacco Ligthart wrote:
On Friday, 21 October, 2016 21:24 CEST, Ian Pilcher arequipeno@gmail.com wrote:
Can we expect an armv7hl kernel update to address CVE-2016-5195?
For redsleeve (rebuild redhat/centos for armv5) I just made updated kernels for the raspberrypi. the source rpm should be similar for me and for armv7.
I attached my spec file to this mail.
Jacco
Thanks a lot Jacco,
Both the "upstream/generic" 4.4.26 kernel and the one for rpi are now currently submitted to builders. I'll update this thread as soon as pkg will be available for testing
On 22/10/16 17:05, Fabian Arrotin wrote:
On 21/10/16 23:26, Jacco Ligthart wrote:
On Friday, 21 October, 2016 21:24 CEST, Ian Pilcher arequipeno@gmail.com wrote:
Can we expect an armv7hl kernel update to address CVE-2016-5195?
For redsleeve (rebuild redhat/centos for armv5) I just made updated kernels for the raspberrypi. the source rpm should be similar for me and for armv7.
I attached my spec file to this mail.
Jacco
Thanks a lot Jacco,
Both the "upstream/generic" 4.4.26 kernel and the one for rpi are now currently submitted to builders. I'll update this thread as soon as pkg will be available for testing
"Generic" kernel is still building, but the kernel for raspberrypi2 and 3 is available for testing here : http://armv7.dev.centos.org/repodir/arm-kernels/rpi2-4.4.26/ Please report feedback. If that works for several people, I'll put those in the signing queue
Cheers,
On 22/10/16 17:05, Fabian Arrotin wrote:
On 21/10/16 23:26, Jacco Ligthart wrote:
On Friday, 21 October, 2016 21:24 CEST, Ian Pilcher arequipeno@gmail.com wrote:
Can we expect an armv7hl kernel update to address CVE-2016-5195?
For redsleeve (rebuild redhat/centos for armv5) I just made updated kernels for the raspberrypi. the source rpm should be similar for me and for armv7.
I attached my spec file to this mail.
Jacco
Thanks a lot Jacco,
Both the "upstream/generic" 4.4.26 kernel and the one for rpi are now currently submitted to builders. I'll update this thread as soon as pkg will be available for testing
Just to add that 4.4.26 "generic" is also now built and available for testing (no test on my side yet) : http://armv7.dev.centos.org/repodir/arm-kernels/4.4.26-201/
Cheers,
I tried to do an install over the weekend, but all I got is that http;//redsleeve.org was down.
That put a damper on my progress
Any updates
David
At 02:26 PM 10/21/2016, you wrote:
content-type: text/plain; charset=utf-8 content-length: 376
On Friday, 21 October, 2016 21:24 CEST, Ian Pilcher arequipeno@gmail.com wrote:
Can we expect an armv7hl kernel update to address CVE-2016-5195?
For redsleeve (rebuild redhat/centos for armv5) I just made updated kernels for the raspberrypi. the source rpm should be similar for me and for armv7.
I attached my spec file to this mail.
Jacco
content-type: text/x-rpm-spec content-disposition: attachment; filename="raspberrypi2.spec" content-length: 12758
Arm-dev mailing list Arm-dev@centos.org https://lists.centos.org/mailman/listinfo/arm-dev
On 23/10/16 23:27, david wrote:
I tried to do an install over the weekend, but all I got is that http;//redsleeve.org was down.
That put a damper on my progress
Any updates
David
Hi David,
Maybe it would be worth splitting that thread in multiple parts and so sending everything related to redsleeve to its proper list and not the centos one ? We like collaboration, and really appreciate it, but let's not confuse people coming on the CentOS list for CentOS with another distro ? :-)
-
david -
Fabian Arrotin -
Ian Pilcher -
Jacco Ligthart