My Favorites

Close

Please to see your favorites.

  • Bookmark
  • Email Document
  • Printer Friendly
  • Favorite
  • Rating:

How to create a custom repository for CVE-2014-6271 & CVE-2014-7169 on SMT and SUSE Manager

This document (7015731) is provided subject to the disclaimer at the end of this document.

Environment

SUSE Linux Enterprise Server 11 Service Pack 3 (SLES 11 SP3)
SUSE Linux Enterprise Server 11 Service Pack 2 (SLES 11 SP2)
SUSE Linux Enterprise Server 11 Service Pack 1 (SLES 11 SP1)
SUSE Manager 2.1
SUSE Manager 1.7

Situation

The shellshock situation (CVE-2014-6271 & CVE-2014-7169) forced a lot of customers to apply patches to outdated OS versions.
As these patches could not be retrieved through the normal channels (unless a LTSS support agreement has been signed) the easiest solution to distribute such patches to larger environments is to create a custom repository.
Further details on the shellshock situation can be found in TID 7015702 - CVE-2014-6271 & CVE-2014-7169 - Shellshock

Resolution

The easiest way to create a custom repo is to use the createrepo package that was developed for SUSE Manager but can be installed on all SLES 11 SP3 systems (SLES11-SP3-Updates repository) via:
  • zypper in createrepo
Once the package has been installed please go ahead and create the custom repository by following these steps:

  1. Download the RPM's that should be part of the custom repository.
    Information on how to access the patches can be found in  TID 7015702 - CVE-2014-6271 & CVE-2014-7169 - Shellshock or Patch Finder directly.

  2. Create a folder in /srv/www/htdocs with the name of the new repo, for example "SLES11-shellshock":

    mkdir -p /srv/www/htdocs/<custom repo name>

  3. Copy the files to /srv/www/htdocs/<custom repo name>

  4. Issue the following command in the new repo:

    createrepo
    or
    createrepo /srv/www/htdocs/<custom repo name>


    The URL on the SMT system will be: http://<SMT FQDN>/<custom repo name</updates
    The URL on the SUSE Manager will be: http://<SUSE Manager/<custom repo name>

Additional Information

In case the software selection is locked and no additional packages may be installed, there is a procedure to create the needed structure manually:
mkdir -p /srv/www/htdocs/<custom repo name>
cd /srv/www/htdocs/<custom repo name>
./create_update_source.sh .
mkdir -p ./updates/suse/x86_64
cp -a <new-postfix-rpm> ./updates/suse/x86_64
cd updates/suse
create_package_descr -x setup/descr/EXTRA_PROV
cd setup/descr
ls > directory.yast
cd ../../..
create_sha1sums -x -n .

Disclaimer

This Support Knowledgebase provides a valuable tool for NetIQ/Novell/SUSE customers and parties interested in our products and solutions to acquire information, ideas and learn from one another. Materials are provided for informational, personal or non-commercial use within your organization and are presented "AS IS" WITHOUT WARRANTY OF ANY KIND.

  • Document ID:7015731
  • Creation Date:02-OCT-14
  • Modified Date:02-OCT-14
    • SUSESubscription Management Tool
      SUSE Linux Enterprise Server
      SUSE Manager

Did this document solve your problem? Provide Feedback

< Back to Support Search

SUSE Support Forums

Get your questions answered by experienced Sys Ops or interact with other SUSE community experts.

Join Our Community

Support Resources

Learn how to get the most from the technical support you receive with your SUSE Subscription, Premium Support, Academic Program, or Partner Program.


SUSE Technical Support Handbook Update Advisories
Support FAQ

Open an Incident

Open an incident with SUSE Technical Support, manage your subscriptions, download patches, or manage user access.

Go to Customer Center