OmniOS r151004

r151004y

Weekly release for 15-19 Apr 2013

r151004v

Weekly release for 1-5 Apr 2013

  • Updated packages
    • network/dns/bind - 9.9.2-P2, Removed the check for regex.h in configure (isc.org). OmniOS does not ship libregex so there is no security vulnerability.
    • system/pciutils/pci.ids - updated to 2013-03-29 snapshot

r151004t

Weekly release for 18-22 Mar 2013

Note: The illumos KVM implementation is not vulnerable to the other two CVEs that are related to this one (1796, 1797)

If you do not run any KVM guests, you likely do not have the kvm driver loaded. Simply updating the package will be sufficient. An updated omnios-userland incorporation package is required as well, which relaxes the version constraint on the KVM packages. A blanket ‘pkg update’ will take care of this, but if you are not applying all available updates, you need, at a minimum: omnios-userland, driver/virtualization/kvm and system/kvm

To update the kvm driver on a running system:

  • Obtain the module ID, which is the first column in the output of modinfo(1M):
    # modinfo | grep kvm
    266 fffffffff8325000  39ff0 265   1  kvm (kvm driver v0.1)
    
  • Shut down all KVM guests.
  • Unload the current module using the ID obtained above:
    # modunload -i 266
    
  • Load the updated module:
    # modload -p drv/kvm
    
  • Verify the updated module has loaded. Note the change in size from the previous info (third column):
    # modinfo | grep kvm
    266 fffffffff8325000  39eb0 265   1  kvm (kvm driver v0.1)
    

If you encounter errors with the above procedure, just reboot.

r151004r

Weekly release for 4-8 Mar 2013

As always, a pkg update -nv will do a “dry run” and show you the proposed upgrades.

r151004n

Weekly release for 4-8 Feb 2013

  • Security fixes
    • library/security/openssl@1.0.1.4 - SSL, TLS and DTLS Plaintext Recovery Attack (CVE-2013-0169) OpenSSL advisory
      • Shortly after r151004n was announced, we were made aware of a regression in 1.0.1d that causes corruption of the data stream on x86_64. We have applied the patch referenced in the ticket and re-published the package
      • The omnios-userland incorporation was overly restrictive with the openssl version. In order to update openssl, do:
        # pkg update omnios-userland openssl
        
      • This shell script will examine running processes in the current zone and tell you which services need to be restarted to complete the update
  • Updated packages
    • system/pciutils/pci.ids updated to 2013-02-05 snapshot

r151004j

Weekly release for 7-11 Jan 2013

  • Updated packages
    • system/library/pcap - backported fix from bloody which corrects a build issue that results in a missing symbol.
    • system/pciutils/pci.ids - updated to 2013-01-07 snapshot

r151004h

Weekly release for 24-28 Dec 2012

  • Updated packages
    • developer/versioning/git - Now with man pages! Git documentation is written in AsciiDoc, which requires an enormous number of dependencies, adding support overhead and bloat for little benefit. Git’s man pages are now built on a different system and included in the final package.

r151004f

Weekly release for 10-14 Dec 2012

  • New packages
    • system/management/ec2-api-tools - API tools serve as the client interface to the Amazon EC2 web service
  • Updated packages
    • network/dns/bind - BIND 9.9.2-P1 client utilities
    • system/pciutils/pci.ids updated to 2012-12-08 snapshot

r151004b

Weekly release for 12-16 Nov 2012

  • Bug fixes
    • Missing build dependency for system/management/ipmitool resulted in bmc interface not working. Recompiled with correct support
  • New packages
    • system/management/ec2-credential - Service that handles Amazon EC2 ssh key setup at boot time. Already included in official AMIs; not relevant outside AWS
  • Updated packages
    • system/pciutils/pci.ids updated to 2012-11-11 snapshot

r151004

Stable release, October 29, 2012

illumos-omnios at 33fdde4

Highlights

  • Corrected some latent issues with package metadata related to upgrading
    • New “omnios-userland” incorporation prevents accidentally upgrading non-illumos-gate packages past one’s current release
    • NOTE: A small number of package updates are required prior to upgrading from r151002 See Upgrade_r151002_r151004
  • illumos-gate built with GCC 4.4.4-il
  • ZFS feature flags
  • ZFS I/O throttling for zones

Userland changes

  • developer/build/automake-111 - Automake 1.11.6
  • file/gnu-coreutils - /usr/gnu/bin/install now linked to /usr/bin/install
  • network/dns/bind - BIND 9.9.2
  • system/install/kayak - more utilities in miniroot environment, helpful for breakfix
  • system/library/pcap - libpcap 1.3.0, now uses DLPI
  • system/pciutils/pci.ids - snapshot as of 2012-10-10
  • Removed GCC 3 packages: developer/gcc-3, system/library/gcc-3-runtime

Notable upstream illumos changes

  • 370 Open-source IPMI baseboard driver (driver/ipmi)
  • 3047 grep support for -r
  • 3014 Intel X540 Support
  • 3021 time-ordered output for DTrace
  • 1450 illumos buildable with GCC4
  • 2831 reduce SMF memory footprint
  • 2619 asynchronous destruction of ZFS file systems
  • 2747 zpool feature flags

Changes from other sources

  • illumos-kvm as of bb04ae8a50 (Joyent)
  • illumos-kvm-cmd as of 6d85df9c59 (Joyent)
  • ZFS I/O throttle (Joyent)
    • includes new vfsstat command to inspect filesystem activity closer to where it matters for applications
  • 2869 Fix duplicate packets when using VNICs over aggr links (OmniTI)