[packman] PMBS vulnerable to Heartbleed

Stefan Botter jsj at jsj.dyndns.org
Tue Apr 15 08:37:37 CEST 2014 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi all,

[zypper dup on 12.2 -> 13.1 is bound to fail]

thank you for your input, but in fact the operating system update is a
piece of cake - actually this is what I do most of these days in the
past two or three months.
True - it is not just zypper dup, reboot, finished, but the update
12.2->13.1 works surprisingly well using that method, compared to
earlier update cases, even with the step sysvinit -> systemd.
The fact, that we now have to use systemd is a little unnerving, as it
simply is not a drop-in-replacement, and that obs is still init.d
scripts, is a pity here. But if you are nice to systemd, it will behave.

The main problem ATM is the OBS update itself, namely the db update. I
already had created an issue on github, which led to the 2.5.1 release,
but - at least for my OBS installations - this made the update task even
worse, and I am right now not sure, where this is originating, and I am
still investigating. My databases from the 2.4.6 lack several keys,
which should be deleted by the update, and, as they are not there, the
update process fails. These steps obviously succeeded with the update
from 2.4.6 to 2.5.0, as the update there failed at a later stage.

I am not nitpicking about the update process, but I want to do a clean
update with as little downtime as possible, and right now I try to find
a way to do that. My test system - the university's own internal build
system - is not that important, and will be the final test case for the
PMBS update. Right now I am testing both with a fresh 2.4.6 install,
and a copy of the internal BS.


Yes, I am on it, but as I said in my last mail, PMBS is top-priority on
my B-list, as I have _lots_ of tasks at work, which keep me on here
longer, and some other time-consuming items in my private life.

If you are uncomfortable with still running on the vulnerable PMBS, I
can shut it down until the update is finished.

We still should change passwords after the update!

Greetings,

Stefan
- -- 
Stefan Botter zu Hause
Bremen
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (GNU/Linux)

iEYEARECAAYFAlNM07QACgkQDcUqvJAsv/SIxwCcDBmnHZeSHwitd+5Itrd3OjiA
qM8AoIXavUlB8DIrpZYRrY23ws/gtokk
=bptk
-----END PGP SIGNATURE-----

More information about the Packman mailing list