Send CentOS-announce mailing list submissions to centos-announce@xxxxxxxxxx To subscribe or unsubscribe via the World Wide Web, visit https://lists.centos.org/mailman/listinfo/centos-announce or, via email, send a message with subject or body 'help' to centos-announce-request@xxxxxxxxxx You can reach the person managing the list at centos-announce-owner@xxxxxxxxxx When replying, please edit your Subject line so it is more specific than "Re: Contents of CentOS-announce digest..." Today's Topics: 1. New CentOS Atomic Release and Kubernetes System Containers Now Available (Jason Brooks) 2. CESA-2017:2456 Critical CentOS 6 firefox Security Update (Johnny Hughes) 3. CESA-2017:2424 Critical CentOS 6 java-1.7.0-openjdk Security Update (Johnny Hughes) 4. CESA-2017:2478 Critical CentOS 6 httpd Security Update (Johnny Hughes) ---------------------------------------------------------------------- Message: 1 Date: Fri, 11 Aug 2017 11:53:14 -0700 From: Jason Brooks <jbrooks@xxxxxxxxxx> To: "The CentOS developers mailing list." <centos-devel@xxxxxxxxxx>, atomic-devel <atomic-devel@xxxxxxxxxxxxxxxx>, atomic-announce@xxxxxxxxxxxxxxxx, centos-announce@xxxxxxxxxx Subject: [CentOS-announce] New CentOS Atomic Release and Kubernetes System Containers Now Available Message-ID: <CAF=rfpDokA6CUrO2W0aY3gEuOpJ384ThhH-6fwJxwf6OueAg_Q@xxxxxxxxxxxxxx> Content-Type: text/plain; charset="UTF-8" Last week, the CentOS Atomic SIG released an updated version (https://wiki.centos.org/SpecialInterestGroup/Atomic/Download) of CentOS Atomic Host (7.1707), a lean operating system designed to run Docker containers, built from standard CentOS 7 RPMs, and tracking the component versions included in Red Hat Enterprise Linux Atomic Host. The release, which came as part of the monthly CentOS release stream, was a modest one, including only a single glibc bugfix update (https://lists.centos.org/pipermail/centos-announce/2017-July/022505.html). The next Atomic Host release will be based on the RHEL 7.4 source code (https://seven.centos.org/2017/08/centos-linux-7-1708-based-on-rhel-7-4-source-code/) and will include support for overlayfs container storage, among other enhancements. Outside of the Atomic Host itself, the SIG has updated its Kubernetes container images to be usable as system containers (http://www.projectatomic.io/blog/2016/09/intro-to-system-containers/). What's more, in addition to the Kubernetes 1.5.x-based containers that derive from RHEL, the Atomic SIG is now producing packages and containers that provide the current 1.7.x version of Kubernetes. ## Containerized Master The downstream release of CentOS Atomic Host ships without the kubernetes-master package built into the image. You can install the master kubernetes components (apiserver, scheduler, and controller-manager) as system containers, using the following commands: # atomic install --system --system-package=no --name kube-apiserver registry.centos.org/centos/kubernetes-apiserver:latest # atomic install --system --system-package=no --name kube-scheduler registry.centos.org/centos/kubernetes-scheduler:latest # atomic install --system --system-package=no --name kube-controller-manager registry.centos.org/centos/kubernetes-controller-manager:latest ## Kubernetes 1.7.x The CentOS Virt SIG is now producing Kubernetes 1.7.x rpms, available through this yum repo (https://github.com/CentOS/CentOS-Dockerfiles/blob/master/kubernetes-sig/master/virt7-container-common-candidate.repo). The Atomic SIG is maintaining system containers based on these rpms that can be installed as as follows: ### on your master # atomic install --system --system-package=no --name kube-apiserver registry.centos.org/centos/kubernetes-sig-apiserver:latest # atomic install --system --system-package=no --name kube-scheduler registry.centos.org/centos/kubernetes-sig-scheduler:latest # atomic install --system --system-package=no --name kube-controller-manager registry.centos.org/centos/kubernetes-sig-controller-manager:latest ### on your node(s) # atomic install --system --system-package=no --name kubelet registry.centos.org/centos/kubernetes-sig-kubelet:latest # atomic install --system --system-package=no --name kube-proxy registry.centos.org/centos/kubernetes-sig-proxy:latest Both the 1.5.x and 1.7.x sets of containers have been tested with the kubernetes ansible scripts (https://github.com/kubernetes/contrib/tree/master/ansible) provided in the upstream contrib repository, and function as drop-in replacements for the installed rpms. If you prefer to run Kubernetes from installed rpms, you can layer the master components onto your Atomic Host image using rpm-ostree package layering with the command: `atomic host install kubernetes-master`. The containers referenced in these systemd service files are built in and hosted from the CentOS Community Container Pipeline (https://wiki.centos.org/ContainerPipeline), based on Dockerfiles from the CentOS-Dockerfiles repository (https://github.com/CentOS/CentOS-Dockerfiles/tree/master/kubernetes). ## Download CentOS Atomic Host CentOS Atomic Host is available as a VirtualBox or libvirt-formatted Vagrant box, or as an installable ISO, qcow2 or Amazon Machine image. For links to media, see the CentOS wiki (https://wiki.centos.org/SpecialInterestGroup/Atomic/Download). ## Upgrading If you're running a previous version of CentOS Atomic Host, you can upgrade to the current image by running the following command: $ sudo atomic host upgrade ## Release Cycle The CentOS Atomic Host image follows the upstream Red Hat Enterprise Linux Atomic Host cadence. After sources are released, they're rebuilt and included in new images. After the images are tested by the SIG and deemed ready, we announce them. ## Getting Involved CentOS Atomic Host is produced by the CentOS Atomic SIG (http://wiki.centos.org/SpecialInterestGroup/Atomic), based on upstream work from Project Atomic (http://www.projectatomic.io/). If you'd like to work on testing images, help with packaging, documentation -- join us! The SIG meets weekly on Thursdays at 16:00 UTC in the #centos-devel channel, and you'll often find us in #atomic and/or #centos-devel if you have questions. You can also join the atomic-devel (https://lists.projectatomic.io/mailman/listinfo/atomic-devel) mailing list if you'd like to discuss the direction of Project Atomic, its components, or have other questions. ## Getting Help If you run into any problems with the images or components, feel free to ask on the centos-devel (http://lists.centos.org/mailman/listinfo/centos-devel) mailing list. Have questions about using Atomic? See the atomic (https://lists.projectatomic.io/mailman/listinfo/atomic) mailing list or find us in the #atomic channel on Freenode. ------------------------------ Message: 2 Date: Tue, 15 Aug 2017 20:20:53 +0000 From: Johnny Hughes <johnny@xxxxxxxxxx> To: centos-announce@xxxxxxxxxx Subject: [CentOS-announce] CESA-2017:2456 Critical CentOS 6 firefox Security Update Message-ID: <20170815202053.GA55144@xxxxxxxxxxxxxxxxxx> Content-Type: text/plain; charset=us-ascii CentOS Errata and Security Advisory 2017:2456 Critical Upstream details at : https://access.redhat.com/errata/RHSA-2017:2456 The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) i386: f29636840b84fd6d5a4a102d02a19c569a3c8e5bb122fffab931a57fdaf87ae8 firefox-52.3.0-3.el6.centos.i686.rpm x86_64: f29636840b84fd6d5a4a102d02a19c569a3c8e5bb122fffab931a57fdaf87ae8 firefox-52.3.0-3.el6.centos.i686.rpm fa94722eb61a41e0c0c12c31dab803aeb3387e9ba83ad52a305dc1880d5764b8 firefox-52.3.0-3.el6.centos.x86_64.rpm Source: 85eb85c49ccac809e5eb899b3680735e5ba1521c378866ccfa98982462801152 firefox-52.3.0-3.el6.centos.src.rpm -- Johnny Hughes CentOS Project { http://www.centos.org/ } irc: hughesjr, #centos@xxxxxxxxxxxxxxxx Twitter: @JohnnyCentOS ------------------------------ Message: 3 Date: Tue, 15 Aug 2017 20:23:35 +0000 From: Johnny Hughes <johnny@xxxxxxxxxx> To: centos-announce@xxxxxxxxxx Subject: [CentOS-announce] CESA-2017:2424 Critical CentOS 6 java-1.7.0-openjdk Security Update Message-ID: <20170815202335.GA55418@xxxxxxxxxxxxxxxxxx> Content-Type: text/plain; charset=us-ascii CentOS Errata and Security Advisory 2017:2424 Critical Upstream details at : https://access.redhat.com/errata/RHSA-2017:2424 The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) i386: 53a24f4fed4dffa5d60f5f6f5aae09cae0d5aa675aae5c89bc89568f150c375b java-1.7.0-openjdk-1.7.0.151-2.6.11.0.el6_9.i686.rpm 87ed44696e8f5d9f3a409e48e8e45c9963ee8bd5d66d85432f99fde5fe700fc6 java-1.7.0-openjdk-demo-1.7.0.151-2.6.11.0.el6_9.i686.rpm a22a1605fd7fd61c1edff42b837d048263c9ed3d62ddc6cb057df9db9b8488d3 java-1.7.0-openjdk-devel-1.7.0.151-2.6.11.0.el6_9.i686.rpm ab1fa5c00fc66e895c699909ba6f7a033359a2cb6c853b45db77bac414f83faa java-1.7.0-openjdk-javadoc-1.7.0.151-2.6.11.0.el6_9.noarch.rpm ddc41007c6b80e937826f9b08adb8529537e45224b7d9c77e88a5137333dec08 java-1.7.0-openjdk-src-1.7.0.151-2.6.11.0.el6_9.i686.rpm x86_64: bd3d2e33f5f05c97acdb4463ee838e1ac990de77704401a13cbee82d6359c93b java-1.7.0-openjdk-1.7.0.151-2.6.11.0.el6_9.x86_64.rpm 077188b99553fa5323ce61ae133048b4a3fbf12bb6feeb494734af627cf5fb62 java-1.7.0-openjdk-demo-1.7.0.151-2.6.11.0.el6_9.x86_64.rpm aa5efd1300c3240590bf4ecaaf00040eb1a3ae3674279de2c768c734921eef85 java-1.7.0-openjdk-devel-1.7.0.151-2.6.11.0.el6_9.x86_64.rpm ab1fa5c00fc66e895c699909ba6f7a033359a2cb6c853b45db77bac414f83faa java-1.7.0-openjdk-javadoc-1.7.0.151-2.6.11.0.el6_9.noarch.rpm 51f85429d7fb4aebb500b6ba73e717f7dbc6597191db9dd8c0b108d9f1e7aac4 java-1.7.0-openjdk-src-1.7.0.151-2.6.11.0.el6_9.x86_64.rpm Source: f7fea14d8c97e7251cb3129c2c0bc23485ed534d36f80a9e1feb6d301abbe207 java-1.7.0-openjdk-1.7.0.151-2.6.11.0.el6_9.src.rpm -- Johnny Hughes CentOS Project { http://www.centos.org/ } irc: hughesjr, #centos@xxxxxxxxxxxxxxxx Twitter: @JohnnyCentOS ------------------------------ Message: 4 Date: Tue, 15 Aug 2017 20:25:39 +0000 From: Johnny Hughes <johnny@xxxxxxxxxx> To: centos-announce@xxxxxxxxxx Subject: [CentOS-announce] CESA-2017:2478 Critical CentOS 6 httpd Security Update Message-ID: <20170815202539.GA55716@xxxxxxxxxxxxxxxxxx> Content-Type: text/plain; charset=us-ascii CentOS Errata and Security Advisory 2017:2478 Critical Upstream details at : https://access.redhat.com/errata/RHSA-2017:2478 The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) i386: 68b712bfb3b1a08748f4bdac924dc30fa5683977333c9ff052a525d2e9347259 httpd-2.2.15-60.el6.centos.5.i686.rpm aeff46346d66dcb687524a05882f21b6c7596f433859c2a443354af33bc3deed httpd-devel-2.2.15-60.el6.centos.5.i686.rpm ae7886ff13fef00ae7272ccced1ec6e3d4cdd0db02a3e9ba37a37d7b7548d087 httpd-manual-2.2.15-60.el6.centos.5.noarch.rpm 30d1a73a78e580d5314b7140799e23af42c0023560c863ceab681eae175e815b httpd-tools-2.2.15-60.el6.centos.5.i686.rpm c6ee5b709d021faaa9abd61f8316948ed2043ce53d935b9063285bf3d41994f8 mod_ssl-2.2.15-60.el6.centos.5.i686.rpm x86_64: 6c4577f55b8b3f40a1223be39a61ee1185ce7b9a0588ef4ad60fbf45d5e431e7 httpd-2.2.15-60.el6.centos.5.x86_64.rpm aeff46346d66dcb687524a05882f21b6c7596f433859c2a443354af33bc3deed httpd-devel-2.2.15-60.el6.centos.5.i686.rpm 4c9cc089ac1d30b9b50bd1ff2a2a3eaf0c09cc969b0b543f6a7d9ffd01f5cf4f httpd-devel-2.2.15-60.el6.centos.5.x86_64.rpm ae7886ff13fef00ae7272ccced1ec6e3d4cdd0db02a3e9ba37a37d7b7548d087 httpd-manual-2.2.15-60.el6.centos.5.noarch.rpm 5cc5dfdd78d76f2c020cfab998363aa8345cdc477d48af3a1c1cd48dd364098f httpd-tools-2.2.15-60.el6.centos.5.x86_64.rpm b2f9c90fc09cb85894f20ead9cbf4405cf92ac1748860aa280e7af96c21e17fb mod_ssl-2.2.15-60.el6.centos.5.x86_64.rpm Source: ee426ab362997f52fcfd19d7e5610359d47a3a5439cbba2ecff7455c35bd9b85 httpd-2.2.15-60.el6.centos.5.src.rpm -- Johnny Hughes CentOS Project { http://www.centos.org/ } irc: hughesjr, #centos@xxxxxxxxxxxxxxxx Twitter: @JohnnyCentOS ------------------------------ Subject: Digest Footer _______________________________________________ CentOS-announce mailing list CentOS-announce@xxxxxxxxxx https://lists.centos.org/mailman/listinfo/centos-announce ------------------------------ End of CentOS-announce Digest, Vol 150, Issue 1 *********************************************** _______________________________________________ CentOS mailing list CentOS@xxxxxxxxxx https://lists.centos.org/mailman/listinfo/centos