There is a new xen kernel for centos-6 and centos-7 the needs testing in:
http://cbs.centos.org/repos/virt6-xen-common-testing/x86_64/os/Packages/
and
http://cbs.centos.org/repos/virt7-xen-common-testing/x86_64/os/Packages/
Thanks, Johnny Hughes
I presume this addresses CVE-2016-0728?
On 19 January 2016 at 21:02, Johnny Hughes johnny@centos.org wrote:
There is a new xen kernel for centos-6 and centos-7 the needs testing in:
http://cbs.centos.org/repos/virt6-xen-common-testing/x86_64/os/Packages/
and
http://cbs.centos.org/repos/virt7-xen-common-testing/x86_64/os/Packages/
Thanks, Johnny Hughes
CentOS-virt mailing list CentOS-virt@centos.org https://lists.centos.org/mailman/listinfo/centos-virt
On 01/19/2016 03:37 PM, Johnny Hughes wrote:
On 01/19/2016 03:27 PM, Phill Bandelow wrote:
I presume this addresses CVE-2016-0728?
Actually it does not .. they have not rolled that patch into the LTS 3.18 branch at kernel.org yet.
As soon as it hits the LTS tree I will build a new kernel though.
OK .. supposedly, this patch fixes the issue:
I have made this patch apply to the xen kernel sources:
Let's verify that what I am applying is the only real meat to the first patch.
I will build and test this locally to verify that we have the issue before and not after applying that patch.
Then we can test it as a group.
SO .. hold off on testing kernel-3.18.25-17 and I will create a kernel-3.18.25-18 if this fixes the CVE-2016-0728 issue.
Thanks, Johnny Hughes
Ok thanks. I will test it on several development machines once it is ready.
On 19 January 2016 at 22:03, Johnny Hughes johnny@centos.org wrote:
On 01/19/2016 03:37 PM, Johnny Hughes wrote:
On 01/19/2016 03:27 PM, Phill Bandelow wrote:
I presume this addresses CVE-2016-0728?
Actually it does not .. they have not rolled that patch into the LTS 3.18 branch at kernel.org yet.
As soon as it hits the LTS tree I will build a new kernel though.
OK .. supposedly, this patch fixes the issue:
I have made this patch apply to the xen kernel sources:
Let's verify that what I am applying is the only real meat to the first patch.
I will build and test this locally to verify that we have the issue before and not after applying that patch.
Then we can test it as a group.
SO .. hold off on testing kernel-3.18.25-17 and I will create a kernel-3.18.25-18 if this fixes the CVE-2016-0728 issue.
Thanks, Johnny Hughes
CentOS-virt mailing list CentOS-virt@centos.org https://lists.centos.org/mailman/listinfo/centos-virt
On Tue, Jan 19, 2016 at 9:02 PM, Johnny Hughes johnny@centos.org wrote:
There is a new xen kernel for centos-6 and centos-7 the needs testing in:
http://cbs.centos.org/repos/virt6-xen-common-testing/x86_64/os/Packages/
and
http://cbs.centos.org/repos/virt7-xen-common-testing/x86_64/os/Packages/
Thanks, Johnny!
Just a minor question about workflow. I had understood that CentOS wanted the CBS itself to only be used for SIG dev testing; and that for wider testing they wanted to use buildlogs. And so ideally after making sure the basics were in place, you would have tagged it with -testing, and then sent out an announcement asking people to test it by doing "yum --enablerepo=centos-virt-xen-testing update kernel". Was that the idea, or did I miss something?
Thanks, -George
CentOS 7 works fine:
Running transaction Installing : kernel-3.18.25-18.el7.x86_64 1/1
/etc/sysconfig/network-scripts/ifcfg-xenbr0: line 17: 8.8.4.4: command not found GRUB_CMDLINE_XEN_DEFAULT already set in /etc/default/grub, not touching GRUB_CMDLINE_LINUX_XEN_REPLACE_DEFAULT already set in /etc/default/grub, not touching Regenerating grub2 config Generating grub configuration file ... Found linux image: /boot/vmlinuz-3.18.25-18.el7.x86_64 Found initrd image: /boot/initramfs-3.18.25-18.el7.x86_64.img Found linux image: /boot/vmlinuz-3.18.21-17.el7.x86_64 Found initrd image: /boot/initramfs-3.18.21-17.el7.x86_64.img Found linux image: /boot/vmlinuz-3.18.25-18.el7.x86_64 Found initrd image: /boot/initramfs-3.18.25-18.el7.x86_64.img Found linux image: /boot/vmlinuz-3.18.21-17.el7.x86_64 Found initrd image: /boot/initramfs-3.18.21-17.el7.x86_64.img Found linux image: /boot/vmlinuz-3.18.25-18.el7.x86_64 Found initrd image: /boot/initramfs-3.18.25-18.el7.x86_64.img Found linux image: /boot/vmlinuz-3.18.21-17.el7.x86_64 Found initrd image: /boot/initramfs-3.18.21-17.el7.x86_64.img Found linux image: /boot/vmlinuz-3.18.25-18.el7.x86_64 Found initrd image: /boot/initramfs-3.18.25-18.el7.x86_64.img Found linux image: /boot/vmlinuz-3.18.21-17.el7.x86_64 Found initrd image: /boot/initramfs-3.18.21-17.el7.x86_64.img Found linux image: /boot/vmlinuz-3.10.0-327.4.4.el7.x86_64 Found initrd image: /boot/initramfs-3.10.0-327.4.4.el7.x86_64.img Found linux image: /boot/vmlinuz-3.10.0-229.el7.x86_64 Found initrd image: /boot/initramfs-3.10.0-229.el7.x86_64.img Found linux image: /boot/vmlinuz-0-rescue-5d64f5b902f747cd8697961c92f8ca51 Found initrd image: /boot/initramfs-0-rescue-5d64f5b902f747cd8697961c92f8ca51.img done Setting Xen as the default Verifying : kernel-3.18.25-18.el7.x86_64 1/1
Installed: kernel.x86_64 0:3.18.25-18.el7
Complete!
[root@localhost ~]# uname -a Linux localhost 3.18.25-18.el7.x86_64 #1 SMP Tue Jan 19 22:23:47 UTC 2016 x86_64 x86_64 x86_64 GNU/Linux
On 20 January 2016 at 11:16, George Dunlap dunlapg@umich.edu wrote:
On Tue, Jan 19, 2016 at 9:02 PM, Johnny Hughes johnny@centos.org wrote:
There is a new xen kernel for centos-6 and centos-7 the needs testing in:
http://cbs.centos.org/repos/virt6-xen-common-testing/x86_64/os/Packages/
and
http://cbs.centos.org/repos/virt7-xen-common-testing/x86_64/os/Packages/
Thanks, Johnny!
Just a minor question about workflow. I had understood that CentOS wanted the CBS itself to only be used for SIG dev testing; and that for wider testing they wanted to use buildlogs. And so ideally after making sure the basics were in place, you would have tagged it with -testing, and then sent out an announcement asking people to test it by doing "yum --enablerepo=centos-virt-xen-testing update kernel". Was that the idea, or did I miss something?
Thanks, -George _______________________________________________ CentOS-virt mailing list CentOS-virt@centos.org https://lists.centos.org/mailman/listinfo/centos-virt
On 01/20/2016 05:16 AM, George Dunlap wrote:
On Tue, Jan 19, 2016 at 9:02 PM, Johnny Hughes johnny@centos.org wrote:
There is a new xen kernel for centos-6 and centos-7 the needs testing in:
http://cbs.centos.org/repos/virt6-xen-common-testing/x86_64/os/Packages/
and
http://cbs.centos.org/repos/virt7-xen-common-testing/x86_64/os/Packages/
Thanks, Johnny!
Just a minor question about workflow. I had understood that CentOS wanted the CBS itself to only be used for SIG dev testing; and that for wider testing they wanted to use buildlogs. And so ideally after making sure the basics were in place, you would have tagged it with -testing, and then sent out an announcement asking people to test it by doing "yum --enablerepo=centos-virt-xen-testing update kernel". Was that the idea, or did I miss something?
That workflow works George .. I didn't know if the stuff would end up on buildlogs or not (if that was automatic) .. but it is. So from now on, I will do it that way :)
-
George Dunlap -
Johnny Hughes -
Phill Bandelow