Closed Bug 1258545 Opened 8 years ago Closed 8 years ago

upgrade git to >2.7.3 on vcs-sync machines to address CVE-2016-2324 and CVE‑2016‑2315

Tracking

(Not tracked)

Status:

RESOLVED FIXED

People

(Reporter: hwine, Assigned: hwine)

Details

Hal Wine [:hwine] use NI!

Assignee

Description

•

8 years ago

The remaining vcs-sync machines are in 2 locations:
 - 1 in scl3 on RHEL
 - 2 in AWS on AWS linux

The one in scl3 is covered by the general puppet update.

The ones in AWS need special attention as AWS has not yet released an update RPM for Amazon Linux.

Hal Wine [:hwine] use NI!

Assignee

Comment 1

•

8 years ago

The 2.7.4 as used on our rhel machines of course did not work on amazon. And the vcs-sync machines don't have packages to build fresh RPMs, so:
 - create new t2.micro instance
 - install rpm-build
 - get the SRPMS from fubar used for bug 1257645 
 - do rpm installs as needed to get that to build cleanly
 - only 'git' and 'perl-git' RPMs are needed
 - install those 2 RPMs on the AWS vcs-sync instances

Assignee: nobody → hwine

Status: NEW → ASSIGNED

Hal Wine [:hwine] use NI!

Assignee

Comment 2

•

8 years ago

All vcssync hosts now report a git version of 2.7.4

Status: ASSIGNED → RESOLVED

Closed: 8 years ago

Resolution: --- → FIXED

You need to log in before you can comment on or make changes to this bug.

Bugzilla

Quick Search

upgrade git to >2.7.3 on vcs-sync machines to address CVE-2016-2324 and CVE‑2016‑2315

Categories

(Developer Services :: General, task)

Tracking

(Not tracked)

People

(Reporter: hwine, Assigned: hwine)

References

Details

Crash Data

Security

(public)

User Story

Description

Comment 1

Comment 2