運用中のCentOS 7.2の保守です。
1 |
# yum check-update |
kernelやopensslなどが更新されていましたのでアップデートを実行。
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 |
# yum -y update (snip) 更新: chkconfig.x86_64 0:1.3.61-5.el7_2.1 device-mapper.x86_64 7:1.02.107-5 device-mapper-event.x86_64 7:1.02.107-5.el7_2.2 device-mapper-event-libs.x86_64 7 device-mapper-libs.x86_64 7:1.02.107-5.el7_2.2 glibc.x86_64 0:2.17-106.el7_2.6 glibc-common.x86_64 0:2.17-106.el7_2.6 glibc-devel.x86_64 0:2.17-106.el7 glibc-headers.x86_64 0:2.17-106.el7_2.6 httpd.x86_64 0:2.4.6-40.el7.cento httpd-tools.x86_64 0:2.4.6-40.el7.centos.1 kernel-headers.x86_64 0:3.10.0-32 kernel-tools.x86_64 0:3.10.0-327.18.2.el7 kernel-tools-libs.x86_64 0:3.10.0 kpartx.x86_64 0:0.4.9-85.el7_2.4 libgudev1.x86_64 0:219-19.el7_2.9 libtevent.x86_64 0:0.9.26-1.el7_2.1 lvm2.x86_64 7:2.02.130-5.el7_2.2 lvm2-libs.x86_64 7:2.02.130-5.el7_2.2 mod_ssl.x86_64 1:2.4.6-40.el7.cen openssl.x86_64 1:1.0.1e-51.el7_2.5 openssl-libs.x86_64 1:1.0.1e-51.e pcre.x86_64 0:8.32-15.el7_2.1 pcre-devel.x86_64 0:8.32-15.el7_2 python-perf.x86_64 0:3.10.0-327.18.2.el7 systemd.x86_64 0:219-19.el7_2.9 systemd-libs.x86_64 0:219-19.el7_2.9 systemd-python.x86_64 0:219-19.el systemd-sysv.x86_64 0:219-19.el7_2.9 完了しました! |
ちょっと更新ログの確認
- Kernel
- openssl
- httpd
1 2 3 4 5 6 7 8 9 10 11 |
# rpm -q --changelog kernel-3.10.0-327.18.2.el7 | head * 木 5月 12 2016 CentOS Sources <bugs@centos.org> - 3.10.0-327.18.2.el7 - Apply debranding changes * 金 4月 08 2016 Alexander Gordeev <agordeev@redhat.com> [3.10.0-327.18.2.el7] - [lib] keys: Fix ASN.1 indefinite length object parsing (David Howells) [1308814 1308815] {CVE-2016-0758} * 月 4月 04 2016 Alexander Gordeev <agordeev@redhat.com> [3.10.0-327.18.1.el7] - [scsi] bnx2fc: Fix FCP RSP residual parsing (Maurizio Lombardi) [1322279 1306342] - [mm] madvise: fix MADV_WILLNEED on shmem swapouts (Mitsuhiro Tanino) [1319845 1312729] - [scsi] bnx2fc: Remove explicit logouts (Maurizio Lombardi) [1317591 1303027] |
1 2 3 4 5 6 7 8 9 10 11 |
# rpm -q --changelog openssl | head * 金 4月 29 2016 Tomáš Mráz <tmraz@redhat.com> 1.0.1e-51.5 - fix CVE-2016-2105 - possible overflow in base64 encoding - fix CVE-2016-2106 - possible overflow in EVP_EncryptUpdate() - fix CVE-2016-2107 - padding oracle in stitched AES-NI CBC-MAC - fix CVE-2016-2108 - memory corruption in ASN.1 encoder - fix CVE-2016-2109 - possible DoS when reading ASN.1 data from BIO - fix CVE-2016-0799 - memory issues in BIO_printf * 水 2月 24 2016 Tomáš Mráz <tmraz@redhat.com> 1.0.1e-51.4 - fix CVE-2016-0702 - side channel attack on modular exponentiation |
1 2 3 4 5 6 7 8 9 10 11 |
# rpm -q --changelog httpd | head * 木 5月 12 2016 CentOS Sources <bugs@centos.org> - 2.4.6-40.el7.centos.1 - Remove index.html, add centos-noindex.tar.gz - change vstring - change symlink for poweredby.png - update welcome.conf with proper aliases * 月 3月 21 2016 Jan Kaluza <jkaluza@redhat.com> - 2.4.6-40.1 - fix apache user creation when apache group already exists (#1319001) * 木 9月 17 2015 Jan Kaluza <jkaluza@redhat.com> - 2.4.6-40 |
夜にでも再起動するかな。