Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Updating oraclelinux:7.4 for CVE-2017-3144 #3943

Merged
merged 1 commit into from
Jan 26, 2018
Merged

Updating oraclelinux:7.4 for CVE-2017-3144 #3943

merged 1 commit into from
Jan 26, 2018

Conversation

Djelibeybi
Copy link
Contributor

Signed-off-by: Avi Miller <[email protected]>
@tianon
Copy link
Member

tianon commented Jan 26, 2018

lol "dhcp security update"

Diff:
diff --git a/oraclelinux_7.4/oraclelinux-7.4-rootfs.tar.xz b/oraclelinux_7.4/oraclelinux-7.4-rootfs.tar.xz
index 9dbf7a0..b38f7af 100644
Binary files a/oraclelinux_7.4/oraclelinux-7.4-rootfs.tar.xz and b/oraclelinux_7.4/oraclelinux-7.4-rootfs.tar.xz differ
diff --git a/oraclelinux_7.4/oraclelinux-7.4-rootfs.tar.xz  'tar -t' b/oraclelinux_7.4/oraclelinux-7.4-rootfs.tar.xz  'tar -t'
index 0d8a3af..a8c484c 100644
--- a/oraclelinux_7.4/oraclelinux-7.4-rootfs.tar.xz  'tar -t'	
+++ b/oraclelinux_7.4/oraclelinux-7.4-rootfs.tar.xz  'tar -t'	
@@ -1288,7 +1288,7 @@
 ./usr/lib64/libaudit.so.1.0.0
 ./usr/lib64/libauparse.so.0
 ./usr/lib64/libauparse.so.0.0.0
-./usr/lib64/libbfd-2.25.1-32.base.el7_4.1.so
+./usr/lib64/libbfd-2.25.1-32.base.el7_4.2.so
 ./usr/lib64/libblkid.so.1
 ./usr/lib64/libblkid.so.1.1.0
 ./usr/lib64/libBrokenLocale-2.17.so
@@ -1489,7 +1489,7 @@
 ./usr/lib64/libnssutil3.so
 ./usr/lib64/libomapi.so.0
 ./usr/lib64/libomapi.so.0.0.0
-./usr/lib64/libopcodes-2.25.1-32.base.el7_4.1.so
+./usr/lib64/libopcodes-2.25.1-32.base.el7_4.2.so
 ./usr/lib64/libp11-kit.so.0
 ./usr/lib64/libp11-kit.so.0.3.0
 ./usr/lib64/libpamc.so.0
@@ -3689,7 +3689,7 @@
 ./usr/lib64/python2.7/site-packages/pyliblzma-0.5.3-py2.7.egg-info/SOURCES.txt
 ./usr/lib64/python2.7/site-packages/pyliblzma-0.5.3-py2.7.egg-info/top_level.txt
 ./usr/lib64/python2.7/site-packages/pyOpenSSL-0.13.1-py2.7.egg-info
-./usr/lib64/python2.7/site-packages/python_dmidecode-3.12.2-py2.7.egg-info
+./usr/lib64/python2.7/site-packages/python_dmidecode-3.10.13-py2.7.egg-info
 ./usr/lib64/python2.7/site-packages/pyxattr-0.5.1-py2.7.egg-info/
 ./usr/lib64/python2.7/site-packages/pyxattr-0.5.1-py2.7.egg-info/dependency_links.txt
 ./usr/lib64/python2.7/site-packages/pyxattr-0.5.1-py2.7.egg-info/PKG-INFO

@Djelibeybi
Copy link
Contributor Author

lol "dhcp security update"

Yeah, I know, but it's in the image and our policy is to update for all CVEs, so here we all are.

@tianon
Copy link
Member

tianon commented Jan 26, 2018

LGTM

Build test of #3943; 03cbb56; amd64 (oraclelinux):

$ bashbrew build oraclelinux:7-slim
Building bashbrew/cache:a13187be99d1be5f5d6c376d820f9a6ae145b02c572f1325783037ccbfb3a422 (oraclelinux:7-slim)
Tagging oraclelinux:7-slim

$ test/run.sh oraclelinux:7-slim
testing oraclelinux:7-slim
	'utc' [1/4]...passed
	'cve-2014--shellshock' [2/4]...passed
	'no-hard-coded-passwords' [3/4]...passed
	'override-cmd' [4/4]...passed


$ bashbrew build oraclelinux:latest
Building bashbrew/cache:b034f92a3a31b879fdb0ebd0f464224bc492bf4bed1de85449ae1971cbffc85d (oraclelinux:latest)
Tagging oraclelinux:latest
Tagging oraclelinux:7
Tagging oraclelinux:7.4

$ test/run.sh oraclelinux:latest
testing oraclelinux:latest
	'utc' [1/4]...passed
	'cve-2014--shellshock' [2/4]...passed
	'no-hard-coded-passwords' [3/4]...passed
	'override-cmd' [4/4]...passed


$ bashbrew build oraclelinux:7.3
Building bashbrew/cache:b15a67c73e1c296d73c702ab8f4b22ab66cfa142f648f15f9b51eea0a5c19bdb (oraclelinux:7.3)
Tagging oraclelinux:7.3

$ test/run.sh oraclelinux:7.3
testing oraclelinux:7.3
	'utc' [1/4]...passed
	'cve-2014--shellshock' [2/4]...passed
	'no-hard-coded-passwords' [3/4]...passed
	'override-cmd' [4/4]...passed


$ bashbrew build oraclelinux:7.2
Building bashbrew/cache:fb880deb3165c98b8d73e4182dc2bea542cdb6b8a4e81be0601be230e0652226 (oraclelinux:7.2)
Tagging oraclelinux:7.2

$ test/run.sh oraclelinux:7.2
testing oraclelinux:7.2
	'utc' [1/4]...passed
	'cve-2014--shellshock' [2/4]...passed
	'no-hard-coded-passwords' [3/4]...passed
	'override-cmd' [4/4]...passed


$ bashbrew build oraclelinux:7.1
Building bashbrew/cache:b1aea8e7ab761d9de248ec52c026e8e47f28af41f63c59d1ff09241f540d9a98 (oraclelinux:7.1)
Tagging oraclelinux:7.1

$ test/run.sh oraclelinux:7.1
testing oraclelinux:7.1
	'utc' [1/4]...passed
	'cve-2014--shellshock' [2/4]...passed
	'no-hard-coded-passwords' [3/4]...passed
	'override-cmd' [4/4]...passed


$ bashbrew build oraclelinux:7.0
Building bashbrew/cache:7e1b19f93cff7731233a8e05afa6839b1b99f64299a3db333b4b07411b435447 (oraclelinux:7.0)
Tagging oraclelinux:7.0

$ test/run.sh oraclelinux:7.0
testing oraclelinux:7.0
	'utc' [1/4]...passed
	'cve-2014--shellshock' [2/4]...passed
	'no-hard-coded-passwords' [3/4]...passed
	'override-cmd' [4/4]...passed


$ bashbrew build oraclelinux:6-slim
Building bashbrew/cache:bd9b9d7c6d98d9d9c5cab888596c6900015e10a52e0b5a652314f716acf80ebb (oraclelinux:6-slim)
Tagging oraclelinux:6-slim

$ test/run.sh oraclelinux:6-slim
testing oraclelinux:6-slim
	'utc' [1/4]...passed
	'cve-2014--shellshock' [2/4]...passed
	'no-hard-coded-passwords' [3/4]...passed
	'override-cmd' [4/4]...passed


$ bashbrew build oraclelinux:6
Building bashbrew/cache:8d22d514ee969f09a283b80522aead5f6d592c764da7421947b0b87ed88607b0 (oraclelinux:6)
Tagging oraclelinux:6
Tagging oraclelinux:6.9

$ test/run.sh oraclelinux:6
testing oraclelinux:6
	'utc' [1/4]...passed
	'cve-2014--shellshock' [2/4]...passed
	'no-hard-coded-passwords' [3/4]...passed
	'override-cmd' [4/4]...passed


$ bashbrew build oraclelinux:6.8
Building bashbrew/cache:36864b12c428394cb7ddbed9d675590f5e13eeb29ba4039d4e008664e92628c2 (oraclelinux:6.8)
Tagging oraclelinux:6.8

$ test/run.sh oraclelinux:6.8
testing oraclelinux:6.8
	'utc' [1/4]...passed
	'cve-2014--shellshock' [2/4]...passed
	'no-hard-coded-passwords' [3/4]...passed
	'override-cmd' [4/4]...passed


$ bashbrew build oraclelinux:6.7
Building bashbrew/cache:0893428565e47f4b62a92c7abe6136589d023af55703be2f3696d3ac4e20171a (oraclelinux:6.7)
Tagging oraclelinux:6.7

$ test/run.sh oraclelinux:6.7
testing oraclelinux:6.7
	'utc' [1/4]...passed
	'cve-2014--shellshock' [2/4]...passed
	'no-hard-coded-passwords' [3/4]...passed
	'override-cmd' [4/4]...passed


$ bashbrew build oraclelinux:6.6
Building bashbrew/cache:6630c6c729222476a41542dbb962cb79b34694c4ba9b23f1c4b4733fb24db9af (oraclelinux:6.6)
Tagging oraclelinux:6.6

$ test/run.sh oraclelinux:6.6
testing oraclelinux:6.6
	'utc' [1/4]...passed
	'cve-2014--shellshock' [2/4]...passed
	'no-hard-coded-passwords' [3/4]...passed
	'override-cmd' [4/4]...passed

@tianon tianon merged commit 9277277 into docker-library:master Jan 26, 2018
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants