Johnny Hughes
2015-Jul-27 09:03 UTC
[CentOS] CentOS Continuous Release Repository updated with CentOS-6.7 RPMs
The packages that will become CentOS-6.7, as well as updates completed for CentOS-6.7 to date are now released into the CentOS-6.6 Continuous Release (CR) repository. All packages except for the centos-release RPM are included. The purpose of the CR repository is to make the built packages optionally available to users who opt in while we work on the CentOS-6.7 install tree and all the CentOS-6.7 install media and images. Normally the full release follows the CR release in 7-14 days if you do not use the CR process. For more info on the CR repository, see this link: http://wiki.centos.org/AdditionalResources/Repositories/CR If you want to enable CR on CentOS-6.6, use the command: yum install centos-release-cr You would then get the updates with the command: yum upgrade Known issues: 1. sssd-common is no longer multilib in CentOS 6.7. If you have the 32bit sssd-common installed on your x86_64 system, you will need to remove it with yum remove sssd-common.i686 prior to updating. 2. The boost RPMs are built with cmake-2.8 and the configuration files produced cause issues building some source code. There are an upstream bugs here (which is likely NOT being fixed): https://bugzilla.redhat.com/show_bug.cgi?id=849791 https://bugzilla.redhat.com/show_bug.cgi?id=1245805 and there are related CentOS issues found previously: http://bugs.centos.org/view.php?id=8117 If you are using boost to create packages, you can use the switch: "-DBoost_NO_BOOST_CMAKE=ON" To build sources that exhibit this issue. 3. The satyr package from EPEL is newer than the version included in CentOS-6.7. The package from EPEL seems to work OK as well, but they are likely to remove it as it also conflicts with RHEL-6.7. We have not observed any negative impacts from this issue. 4. yum-plugin-downloadonly has been obsoleted by yum and that functionality is now built into the default yum package. More information: 1. These CentOS packages are built from the RHEL-6.7 source code released by Red Hat on July 22, 2015. Please review the release and technical notes for that release here: http://red.ht/1JnEsVQ http://red.ht/1gdBkRu 2. The CentOS release notes for CentOS-6.7, currently a work in progress and not really complete until the final 6.7 release, are available here: http://wiki.centos.org/Manuals/ReleaseNotes/CentOS6.7 3. The package set includes 243 Source RPMs updated and are broken down as: 21 Security Updates: 0 Critical Security 1 Important Security 16 Moderate Security 4 Low Security 25 Enhancement Updates 197 Bugfix Updates Individual per-package release announcements are available here: http://lists.centos.org/pipermail/centos-cr-announce/2015-July/thread.html -- Johnny Hughes CentOS Project { http://www.centos.org/ } irc: hughesjr, #centos at irc.freenode.net -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 198 bytes Desc: OpenPGP digital signature URL: <http://lists.centos.org/pipermail/centos/attachments/20150727/9eccd5cf/attachment-0001.sig>
Peter Kjellstrom
2015-Jul-28 08:42 UTC
[CentOS] CentOS Continuous Release Repository updated with CentOS-6.7 RPMs
On Mon, 27 Jul 2015 04:03:14 -0500 Johnny Hughes <johnny at centos.org> wrote:> The packages that will become CentOS-6.7, as well as updates completed > for CentOS-6.7 to date are now released into the CentOS-6.6 Continuous > Release (CR) repository....> 3. The package set includes 243 Source RPMs updated and are broken > down as: > > 21 Security Updates: > 0 Critical Security > 1 Important Security > 16 Moderate Security > 4 Low SecurityAnd that "1" important above is quite important. See RHSA-2015-1482 (CVE-2015-3245, CVE-2015-3246) pkg libuser: local root with exploit in the wild. Maybe it's even worth cherry picking that package over to 6-updates asap? (as a side note c5 is also affected but no update exists or is planned afaict). /Peter -- Sent from my Android device with K-9 Mail. Please excuse my brevity.
Leon Fauster
2015-Aug-01 22:58 UTC
[CentOS] CentOS Continuous Release Repository updated with CentOS-6.7 RPMs
Am 27.07.2015 um 11:03 schrieb Johnny Hughes <johnny at centos.org>:> The packages that will become CentOS-6.7, as well as updates completed > for CentOS-6.7 to date are now released into the CentOS-6.6 Continuous > Release (CR) repository. > > All packages except for the centos-release RPM are included. > > The purpose of the CR repository is to make the built packages > optionally available to users who opt in while we work on the CentOS-6.7 > install tree and all the CentOS-6.7 install media and images. > > Normally the full release follows the CR release in 7-14 days if you do > not use the CR process. > > For more info on the CR repository, see this link: > > http://wiki.centos.org/AdditionalResources/Repositories/CR > > If you want to enable CR on CentOS-6.6, use the command: > > yum install centos-release-cr > > You would then get the updates with the command: > > yum upgradeHi Johnny, are the SRPMS packages of the CR reposiory also already available? -- Thanks LF
Peter
2015-Aug-01 23:31 UTC
[CentOS] CentOS Continuous Release Repository updated with CentOS-6.7 RPMs
On 07/28/2015 08:42 PM, Peter Kjellstrom wrote:> And that "1" important above is quite important. See RHSA-2015-1482 > (CVE-2015-3245, CVE-2015-3246) pkg libuser: local root with exploit in > the wild. > > (as a side note c5 is also affected but no update exists or is planned > afaict).For CentOS 5 you should follow the mitigation instructions at the end of this page: https://access.redhat.com/articles/1537873 Peter
Reasonably Related Threads
- CentOS Continuous Release Repository updated with CentOS-6.7 RPMs
- CentOS-announce Digest, Vol 125, Issue 10
- CentOS Continuous Release Repository updated with CentOS-6.7 RPMs
- why no recent bind update for CentOS 6?
- Continuous Release repository RPMs now released