well, very sad to hear as I use commercial rhel 5 and paying for it.. Eero 2015-08-13 19:57 GMT+03:00 Johnny Hughes <johnny at centos.org>:> On 08/12/2015 10:43 PM, Eero Volotinen wrote: > > Hi List, > > > > Looks like this affects on centos 5 and is unpatched like on rhel 5? > > > > https://access.redhat.com/articles/1537873 > > > > Trying to test if this affects on centos 5. can someone compile this > > exploit on centos 5? > > https://www.qualys.com/research/security-advisories/roothelper.c > > > > any ideas how to compile it on centos 5? > > Red Hat says 2 things in that article: > > 1. It impacts RHEL5 (so also CentOS5) > > 2. They are NOT fixing it, at least not now. > > This is NOT the FIRST security update where this has happened. > > I would recommend you upgrade to CentOS-6 or CentOS-7 for all workloads > that you can. > > Thanks, > Johnny Hughes > > > _______________________________________________ > CentOS mailing list > CentOS at centos.org > http://lists.centos.org/mailman/listinfo/centos > >
On 08/13/2015 12:41 PM, Eero Volotinen wrote:> well, very sad to hear as I use commercial rhel 5 and paying for it.. >Well, in that case, I would recommend RHEL-6 or RHEL-7 for your RHEL-5 workloads :)> > 2015-08-13 19:57 GMT+03:00 Johnny Hughes <johnny at centos.org>: > >> On 08/12/2015 10:43 PM, Eero Volotinen wrote: >>> Hi List, >>> >>> Looks like this affects on centos 5 and is unpatched like on rhel 5? >>> >>> https://access.redhat.com/articles/1537873 >>> >>> Trying to test if this affects on centos 5. can someone compile this >>> exploit on centos 5? >>> https://www.qualys.com/research/security-advisories/roothelper.c >>> >>> any ideas how to compile it on centos 5? >> >> Red Hat says 2 things in that article: >> >> 1. It impacts RHEL5 (so also CentOS5) >> >> 2. They are NOT fixing it, at least not now. >> >> This is NOT the FIRST security update where this has happened. >> >> I would recommend you upgrade to CentOS-6 or CentOS-7 for all workloads >> that you can. >> >> Thanks, >> Johnny Hughes >> >> >> _______________________________________________ >> CentOS mailing list >> CentOS at centos.org >> http://lists.centos.org/mailman/listinfo/centos >> >> > _______________________________________________ > CentOS mailing list > CentOS at centos.org > http://lists.centos.org/mailman/listinfo/centos >-------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 198 bytes Desc: OpenPGP digital signature URL: <http://lists.centos.org/pipermail/centos/attachments/20150813/7c078183/attachment-0001.sig>
On 08/13/2015 12:48 PM, Johnny Hughes wrote:> On 08/13/2015 12:41 PM, Eero Volotinen wrote: >> well, very sad to hear as I use commercial rhel 5 and paying for it.. >> > > Well, in that case, I would recommend RHEL-6 or RHEL-7 for your RHEL-5 > workloads :)AND, I would open a support ticket saying you are concerned with your RHEL-5 security if you are using libuser on a RHEL-5 supported machine.> >> >> 2015-08-13 19:57 GMT+03:00 Johnny Hughes <johnny at centos.org>: >> >>> On 08/12/2015 10:43 PM, Eero Volotinen wrote: >>>> Hi List, >>>> >>>> Looks like this affects on centos 5 and is unpatched like on rhel 5? >>>> >>>> https://access.redhat.com/articles/1537873 >>>> >>>> Trying to test if this affects on centos 5. can someone compile this >>>> exploit on centos 5? >>>> https://www.qualys.com/research/security-advisories/roothelper.c >>>> >>>> any ideas how to compile it on centos 5? >>> >>> Red Hat says 2 things in that article: >>> >>> 1. It impacts RHEL5 (so also CentOS5) >>> >>> 2. They are NOT fixing it, at least not now. >>> >>> This is NOT the FIRST security update where this has happened. >>> >>> I would recommend you upgrade to CentOS-6 or CentOS-7 for all workloads >>> that you can. >>> >>> Thanks, >>> Johnny Hughes >>> >>> >>> _______________________________________________ >>> CentOS mailing list >>> CentOS at centos.org >>> http://lists.centos.org/mailman/listinfo/centos >>> >>> >> _______________________________________________ >> CentOS mailing list >> CentOS at centos.org >> http://lists.centos.org/mailman/listinfo/centos >> > > > > > _______________________________________________ > CentOS mailing list > CentOS at centos.org > http://lists.centos.org/mailman/listinfo/centos >-------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 198 bytes Desc: OpenPGP digital signature URL: <http://lists.centos.org/pipermail/centos/attachments/20150813/943e1222/attachment-0001.sig>