CentOS

Hi All,

My project is using CENT OS 5.8 with rpm of i386 architecture.

To resolve vulnerability issues we need to upgrade below rpms
1.bash from 3.2-32.el5 to 4.3
2.cpio from 2.6-23 to 2.6-28
3.libxml2 from 2-2.6 to 2.9.1
4.nfs-util from 1.0.9 to 1.1.3
5.stunnel from 4.15 to 4.24
6.tcpdump from 3.9.4 to 3.9.7
7.xinetd from 2.3.14 to 2.3.15

But i cant able to get rpms in i386 architecture. Is i686 architecture rpms can be used to upgrade above rpms?

When i tried to upgrade using i686 i'm facing lot of dependecy issues. How to resolve dependencies.

Please do the needful.

ThanksInAdvance,
Naveen.

No, you do not need to upgrade to those versions. You just need to yum update your server to the latest available updates and take yourself to CentOS 5.10. In line with the upstream policy of backporting security patches detailed https://access.redhat.com/site/security ... ckporting/

Hi moderator,

Thanks for the quick response.

Our project is stable now. So we are not planning to upgrade centos.

Is it possible to upgrade those RPMs in centos 5.8 itself?

For example:

I am having bash rpm "bash-3.2-32.el5".
This rpm is affected by vulnerability CVE-2012-3410, so i'm planning upgrade this rpm to 4.3 to resolve this Vulnerability.

But i can't able to get bash-4.3 in i386 architecture.
But i able to get it in i686. When i try to upgrade i'm gettin below dependency issues

[root@nacmanager rpm-test]# rpm -Uvh bash-4.3.11-1.fc21.i686.rpm
error: Failed dependencies:
libc.so.6(GLIBC_2.11) is needed by bash-4.3.11-1.fc21.i686
libc.so.6(GLIBC_2.15) is needed by bash-4.3.11-1.fc21.i686
libc.so.6(GLIBC_2.8) is needed by bash-4.3.11-1.fc21.i686
libtinfo.so.5 is needed by bash-4.3.11-1.fc21.i686
rpmlib(FileDigests) <= 4.6.0-1 is needed by bash-4.3.11-1.fc21.i686
rpmlib(PayloadIsXz) <= 5.2-1 is needed by bash-4.3.11-1.fc21.i686
filesystem < 3 conflicts with bash-4.3.11-1.fc21.i686

How i need to proceed.

Please advice.

Thanks,
Naveen.

> Our project is stable now. So we are not planning to upgrade centos.

Your project won't be stable if you manage to install RPMs meant for other OSes like the FC21 one in your example, or if you don't update your machine to the current version of CentOS 5 - as you'll be missing all the security and stability improvements that have been added since 5.8 was current.

Thanks Steve.

Do you know how to get above versions of RPMs in centos 5.8 with i386 architecture.
Any links or point of contact?

"Yum update" will get you updated to 5.10 which is 5.8 with the rpms that address the CVEs.
RHEL and CentOS fix security issues without changing major version numbers.

Thanks Gerald.

When i give yum update i'm getting below response

# yum update
Setting up Update Process
No Packages marked for Update

Am i right ? Is syntax is correct (or) do i need to add any parameters?

Show us the output of the following commands:

rpm -q centos-release

uname -a

yum repolist all

Gerald, below are the output

# rpm -q centos-release
centos-release-5-8.el5.centos

# uname -a
Linux XXXXXX 2.6.18-308.4.1.el5PAE #1 SMP Tue Apr 17 17:47:38 EDT 2012 i686 i686 i386 GNU/Linux

# yum repolist all
repo id repo name status
base XXX enabled: 304
repolist: 304


where XXXX stands for our project name