SCIENTIFIC-LINUX-USERS Archives

February 2017

SCIENTIFIC-LINUX-USERS@LISTSERV.FNAL.GOV
Options: Use Monospaced Font
Show Text Part by Default
Show All Mail Headers

Message: [<< First] [< Prev] [Next >] [Last >>]
Topic: [<< First] [< Prev] [Next >] [Last >>]
Author: [<< First] [< Prev] [Next >] [Last >>]

Print Reply
Subject:
el6 or sl6 in (openssl) rpm packege release numbers ?
From:
Andrew C Aitchison <[log in to unmask]>
Reply To:
Andrew C Aitchison <[log in to unmask]>
Date:
Tue, 21 Feb 2017 17:35:48 +0000
Content-Type:
text/plain
Parts/Attachments:
text/plain (77 lines) 
On Mon, 20 Feb 2017, Pat Riehecky wrote:
> Synopsis:          Moderate: openssl security update
> Advisory ID:       SLSA-2017:0286-1
> Issue Date:        2017-02-20
> CVE Numbers:       CVE-2016-8610
>                   CVE-2017-3731
> --
 		...		...
> SL6
>  x86_64
>    openssl-1.0.1e-48.el6_8.4.i686.rpm
>    openssl-1.0.1e-48.el6_8.4.x86_64.rpm
>    openssl-debuginfo-1.0.1e-48.el6_8.4.i686.rpm
>    openssl-debuginfo-1.0.1e-48.el6_8.4.x86_64.rpm
>    openssl-devel-1.0.1e-48.el6_8.4.i686.rpm
>    openssl-devel-1.0.1e-48.el6_8.4.x86_64.rpm
>    openssl-perl-1.0.1e-48.el6_8.4.x86_64.rpm
>    openssl-static-1.0.1e-48.el6_8.4.x86_64.rpm
>  i386
>    openssl-1.0.1e-48.el6_8.4.i686.rpm
>    openssl-debuginfo-1.0.1e-48.el6_8.4.i686.rpm
>    openssl-devel-1.0.1e-48.el6_8.4.i686.rpm
>    openssl-perl-1.0.1e-48.el6_8.4.i686.rpm
>    openssl-static-1.0.1e-48.el6_8.4.i686.rpm


This update hasn't arrived at my end yet, so I went poking:
# yum --enablerepo=sl-security --showduplicates list openssl

Loaded plugins: auto-update-debuginfo, fastestmirror, refresh-packagekit,
               : security
Loading mirror speeds from cached hostfile
  * elrepo: mirrors.coreix.net
  * epel: www.mirrorservice.org
  * epel-debuginfo: www.mirrorservice.org
  * sl: ftp1.scientificlinux.org
  * sl-debuginfo: ftp1.scientificlinux.org
  * sl-fastbugs: ftp1.scientificlinux.org
  * sl-security: ftp1.scientificlinux.org
  * sl6x: ftp1.scientificlinux.org
  * sl6x-fastbugs: ftp1.scientificlinux.org
  * sl6x-security: ftp1.scientificlinux.org
Installed Packages
openssl.i686                    1.0.1e-48.sl6_8.3                  @sl-security 
openssl.x86_64                  1.0.1e-48.sl6_8.3                  @sl-security 
Available Packages
openssl.i686                    1.0.1e-48.el6                      sl 
openssl.i686                    1.0.1e-48.el6                      sl6x 
openssl.x86_64                  1.0.1e-48.el6                      sl 
openssl.x86_64                  1.0.1e-48.el6                      sl6x 
openssl.i686                    1.0.1e-48.el6_8.1                  sl-security 
openssl.i686                    1.0.1e-48.el6_8.1                  sl6x-security
openssl.x86_64                  1.0.1e-48.el6_8.1                  sl-security 
openssl.x86_64                  1.0.1e-48.el6_8.1                  sl6x-security
openssl.i686                    1.0.1e-48.el6_8.4                  sl-security 
openssl.i686                    1.0.1e-48.el6_8.4                  sl6x-security
openssl.x86_64                  1.0.1e-48.el6_8.4                  sl-security 
openssl.x86_64                  1.0.1e-48.el6_8.4                  sl6x-security
openssl.i686                    1.0.1e-48.sl6_8.3                  sl-security 
openssl.i686                    1.0.1e-48.sl6_8.3                  sl6x-security
openssl.x86_64                  1.0.1e-48.sl6_8.3                  sl-security 
openssl.x86_64                  1.0.1e-48.sl6_8.3                  sl6x-security


I note that the 6_8.3 versions are el..., whereas the 6_8.4 are all sl...
Of course sl6_8.3 comes after el6_8.4 so the updates are ignored :-(

I'm now confused, should they be el6... or sl6... ?

(I'm also confused about whether I should be using sl-security or 
sl6-security, but that is less important).

Thanks,

-- 
Andrew C Aitchison

ATOM RSS1 RSS2