[OpenIndiana-discuss] The vulnerability of Percona server

Sakuma, Koshiro bravo.echo.one at gmail.com
Wed Sep 14 11:27:04 UTC 2016


Hi,

Thanks!  BTW, how I can add empty line?  I mean, I understand what it is,
but which areas or locations do I need to add?

, edit /etc/ssh/sshd_config (for example, add empty line) and retry
updating.

Here is inside of sshd_config file.

#
# Copyright (c) 2001, 2010, Oracle and/or its affiliates. All rights
reserved.
#
# Configuration file for sshd(1m) (see also sshd_config(4))
#

# Protocol versions supported
#
# The sshd shipped in this release of Solaris has support for major versions
# 1 and 2.  It is recommended due to security weaknesses in the v1 protocol
# that sites run only v2 if possible. Support for v1 is provided to help
sites
# with existing ssh v1 clients/servers to transition.
# Support for v1 may not be available in a future release of Solaris.
#
# To enable support for v1 an RSA1 key must be created with ssh-keygen(1).
# RSA and DSA keys for protocol v2 are created by /etc/init.d/sshd if they
# do not already exist, RSA1 keys for protocol v1 are not automatically
created.

# Uncomment ONLY ONE of the following Protocol statements.

# Only v2 (recommended)
Protocol 2

# Both v1 and v2 (not recommended)
#Protocol 2,1

# Only v1 (not recommended)
#Protocol 1

# Listen port (the IANA registered port number for ssh is 22)
Port 22

# The default listen address is all interfaces, this may need to be changed
# if you wish to restrict the interfaces sshd listens on for a multi homed
host.
# Multiple ListenAddress entries are allowed.


2016-09-14 17:43 GMT+09:00 Aurélien Larcher <aurelien.larcher at gmail.com>:

> https://www.openindiana.org/2016/08/29/possible-ssh-update-issue/
>
> On Wed, Sep 14, 2016 at 10:36 AM, Sakuma, Koshiro
> <bravo.echo.one at gmail.com> wrote:
> > Hi, The upgrade was failed due to following error?!   The version
> > is illumos-f83b46b.
> > Please advise....
> >
> > TypeError: 'NoneType' object is not callable
> >
> > The running system has not been modified. Modifications were only made
> to a
> > clone of the running system.  This clone is mounted at /tmp/tmpWvFB6x
> > should you wish to inspect it.
> > Traceback (most recent call last):
> >   File "/usr/bin/pkg", line 5444, in handle_errors
> >     __ret = func(*args, **kwargs)
> >   File "/usr/bin/pkg", line 5430, in main_func
> >     pargs=pargs, **opts)
> >   File "/usr/bin/pkg", line 2116, in update
> >     display_plan_cb=display_plan_cb, logger=logger)
> >   File "/usr/lib/python2.6/vendor-packages/pkg/client/client_api.py",
> line
> > 1600, in _update
> >     logger=logger)
> >   File "/usr/lib/python2.6/vendor-packages/pkg/client/client_api.py",
> line
> > 1476, in __api_op
> >     ret = __api_execute_plan(_op, _api_inst)
> >   File "/usr/lib/python2.6/vendor-packages/pkg/client/client_api.py",
> line
> > 1028, in __api_execute_plan
> >     api_inst.execute_plan()
> >   File "/usr/lib/python2.6/vendor-packages/pkg/client/api.py", line
> 2825,
> > in execute_plan
> >     self._img.imageplan.execute()
> >   File "/usr/lib/python2.6/vendor-packages/pkg/client/imageplan.py",
> line
> > 4613, in execute
> >     p.execute_update(src, dest)
> >   File "/usr/lib/python2.6/vendor-packages/pkg/client/pkgplan.py", line
> > 582, in execute_update
> >     dest.install(self, src)
> >   File "/usr/lib/python2.6/vendor-packages/pkg/actions/file.py", line
> 189,
> > in install
> >     stream = self.data()
> > TypeError: 'NoneType' object is not callable
> >
> >
> > pkg: This is an internal error in pkg(5) version 5d991ae.  Please log a
> > Service Request about this issue including the information above and this
> > message.
> >
> > 2016-09-14 16:13 GMT+09:00 Alexander Pyhalov <alp at rsu.ru>:
> >
> >> On 09/14/16 10:03 AM, Alexander Pyhalov wrote:
> >>
> >>> On 09/14/16 09:58 AM, Alexander Pyhalov wrote:
> >>>
> >>>> On 09/14/16 12:49 AM, Sakuma, Koshiro wrote:
> >>>>
> >>>>> Dear Professionals;
> >>>>>
> >>>>> I've just gotten some information of percona vulnerability issue.
> Can I
> >>>>> update the latest version of percona server?  I tried to do this, but
> >>>>> the
> >>>>> update seems not be available yet.
> >>>>>
> >>>>> https://www.percona.com/blog/2016/09/12/percona-server-criti
> >>>>> cal-update-cve-2016-6662/
> >>>>>
> >>>>>
> >>>>>
> >>>> Hi.
> >>>> AFAIK, we have latest percona-server (5.5-5.7) versions in our
> >>>> repository.
> >>>>
> >>>>
> >>> I was wrong, we have to update it once again....
> >>>
> >>>
> >>>
> >> Self-correction: no, currently we have the latest...
> >>
> >>
> >> --
> >> Best regards,
> >> Alexander Pyhalov,
> >> system administrator of Southern Federal University IT department
> >>
> >> _______________________________________________
> >> openindiana-discuss mailing list
> >> openindiana-discuss at openindiana.org
> >> https://openindiana.org/mailman/listinfo/openindiana-discuss
> >>
> > _______________________________________________
> > openindiana-discuss mailing list
> > openindiana-discuss at openindiana.org
> > https://openindiana.org/mailman/listinfo/openindiana-discuss
>
>
>
> --
> ---
> Praise the Caffeine embeddings
>
> _______________________________________________
> openindiana-discuss mailing list
> openindiana-discuss at openindiana.org
> https://openindiana.org/mailman/listinfo/openindiana-discuss
>


More information about the openindiana-discuss mailing list