[OmniOS-discuss] SECURITY UPDATE FOR OpenSSL & Perl; plus other fixes

Colin Roche-Dutch colin at omniti.com
Tue Mar 1 20:09:36 UTC 2016 

Hi Michael,

If you updated a zone but not the global yet, you can revert the zbe back
to the old version of openssl:

pkg -R <zoneroot>/root update openssl@<previous>

previous in this case would be:

For 016: pkg://omnios/library/security/openssl@1.0.2.6
,5.11-0.151016:20160128T191210Z
For 014: pkg://omnios/library/security/openssl@1.0.2.6-0.151014
:20160128T191031Z
For   06: pkg://omnios/library/security/openssl@1.0.1.18
,5.11-0.151006:20160202T152535Z

If you updated a global zone, you will need to boot to the backup BE that
was created during the pkg update to revert to the previous version.

Also as an update, the broken package has been removed from the
r151006/r151014/r151016 repos.

-Thanks,
Colin

On Tue, Mar 1, 2016 at 2:42 PM, Michael Rasmussen <mir at miras.org> wrote:

> On Tue, 1 Mar 2016 14:16:45 -0500
> Colin Roche-Dutch <colin at omniti.com> wrote:
>
> > The new OpenSSL update to address the DROWN attack is causing issues with
> > the pkg system, specifically with python due to the SSLv2 removal. Please
> > DO NOT update to the recently released OpenSSL package yet.
> >
> I guess this is what you see? :-(
> # pkg update -nv
> Traceback (most recent call last):
>   File "/usr/bin/pkg", line 67, in <module>
>     import pkg.actions as actions
>   File "/usr/lib/python2.6/vendor-packages/pkg/actions/__init__.py", line
> 68, in <module>
>     globals(), locals(), [modname])
>   File "/usr/lib/python2.6/vendor-packages/pkg/actions/legacy.py", line
> 39, in <module>
>     import generic
>   File "/usr/lib/python2.6/vendor-packages/pkg/actions/generic.py", line
> 48, in <module>
>     import pkg.variant as variant
>   File "/usr/lib/python2.6/vendor-packages/pkg/variant.py", line 35, in
> <module>
>     from pkg.misc import EmptyI
>   File "/usr/lib/python2.6/vendor-packages/pkg/misc.py", line 30, in
> <module>
>     import OpenSSL.crypto as osc
>   File "/usr/lib/python2.6/vendor-packages/OpenSSL/__init__.py", line 45,
> in <module>
>     from OpenSSL import rand, SSL
> ImportError: ld.so.1: python2.6: fatal: relocation error: file
> /usr/lib/python2.6/vendor-packages/OpenSSL/64/SSL.so: symbol SSLv2_method:
> referenced symbol not found
>
>
> --
> Hilsen/Regards
> Michael Rasmussen
>
> Get my public GnuPG keys:
> michael <at> rasmussen <dot> cc
> http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xD3C9A00E
> mir <at> datanom <dot> net
> http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xE501F51C
> mir <at> miras <dot> org
> http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xE3E80917
> --------------------------------------------------------------
> /usr/games/fortune -es says:
> He hated being thought of as one of those people that wore stupid
> ornamental armour. It was gilt by association.
>                 -- Terry Pratchett, "Night Watch"
>
> _______________________________________________
> OmniOS-discuss mailing list
> OmniOS-discuss at lists.omniti.com
> http://lists.omniti.com/mailman/listinfo/omnios-discuss
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://omniosce.org/ml-archive/attachments/20160301/97244733/attachment.html>

More information about the OmniOS-discuss mailing list