3. BCLinux Developers

Group Details Private

BCLinux Developers

 

Member List

B
 		bclinux
Z
 		zhanglang
D
 		dinglimin
T
 		tanyuehui
X
 		xiajidong
M
 		maozy
D
 		dingxiang
Y
 		yewei
L
 		luoyifan
D
 		dingwei
Z
 		zhoushoujian
刘婧
L
 		liweiliang
W
 		weimingjiang
T
 		tangzhongrui
Y
 		yanhaishuang
X
 		xujianchao
B
 		baiyaowei
guzhifeng
Z
 		zhangshengju
G
 		guoyayun
  • 容器版系统在使用华为V5服务器时驱动升级方法

    容器版系统在使用华为V5服务器时驱动升级方法

    问题描述

    在华为 RH 1288V5 服务器(对应RAID是 LSI 3408)安装容器版系统BC-Linux for LDK V7.4时,在选择默认使用4.9高版本BEK内核启动,会出现无法正常进入系统情况。

    问题原因分析

    由于BC-Linux for LDK V7.4版本系统的高版本内核kernel-bek-4.9.82-100.el7.bclinux.x86_64版本发布较早,未合入较华为服务器新的raid驱动。

    影响版本

    • BC-Linux for LDK V7.4

    升级方法

    1.下载对应的驱动软件版本

    首先下载对应的raid驱动软件包,下载链接:
    http://mirrors.bclinux.org/bclinux/el7.4/kernel-bek/x86_64/Packages/kmod-bclinux-megaraid_sas-bek-07.706.07.00-2.el7_4.bclinux.x86_64.rpm

    2.安装驱动软件

    从3.10版本内核进入系统,安装驱动软件。

    [root@localhost ~]# rpm -ivh kmod-bclinux-megaraid_sas-bek-07.706.07.00-2.el7_4.bclinux.x86_64.rpm 
准备中...                          ################################# [100%]
正在升级/安装...
   1:kmod-bclinux-megaraid_sas-bek-07.################################# [100%]
   
[root@localhost ~]# rpm -aq | grep kmod-bclinux-megaraid_sas-bek
kmod-bclinux-megaraid_sas-bek-07.706.07.00-2.el7_4.bclinux.x86_64

    3.为高版本内核更新initramfs文件

    [root@localhost ~]# dracut -f /boot/initramfs-4.9.82-100.el7.bclinux.x86_64.img 4.9.82-100.el7.bclinux.x86_64

    4.重启系统

    重启系统,从高版本内核进入系统,如果系统能正常启动,则证明驱动升级完成。驱动升级后建议现网监测一段时间看是否完全兼容。

    posted in 解决方案
    T
    tangzhongrui
  • BLSA-2019:0033 - [重要] libvirt 安全更新公告

    问题描述

    本次安全更新修复了以下内容:

    • libvirt: arbitrary file read/exec via virDomainSaveImageGetXMLDesc API (CVE-2019-10161)
    • libvirt: virDomainManagedSaveDefineXML API exposed to readonly clients (CVE-2019-10166)
    • libvirt: arbitrary command execution via virConnectGetDomainCapabilities API (CVE-2019-10167)
    • libvirt: arbitrary command execution via virConnectBaselineHypervisorCPU and virConnectCompareHypervisorCPU APIs (CVE-2019-10168)

    影响版本

    • BigCloud Enterprise Linux 7.6

    更新类型

    • 缺陷更新:SA

    解决方案

    目前,BC-Linux 的官方源已经提供 libvirt 的更新软件包,受影响的 BC-Linux 客户端用户需要升级到 libvirt-4.5.0-10.7.el7.bclinux.6 版本。

    1. 检查YUM源设置,确保使用的是 BC-Linux 官方YUM源,保证有virt源配置

    [root@BC-Linux7 ~]# yum install bclinux-release-virt -y
[root@BC-Linux7 ~]# ll /etc/yum.repos.d/
total 24
-rw-r--r--. 1 root root  924 May 29 00:41 BCLinux-Base.repo
-rw-r--r--. 1 root root 1482 May 29 00:41 BCLinux-CR.repo
-rw-r--r--. 1 root root  669 May 29 00:41 BCLinux-Debuginfo.repo
-rw-r--r--. 1 root root 1763 May 29 00:41 BCLinux-Kernel.repo
-rw-r--r--. 1 root root  982 May 29 00:41 BCLinux-Source.repo
-rw-r--r--  1 root root  803 Jun 25 17:29 BCLinux-Virt.repo

    2. 安装更新

    [root@BC-Linux7 ~]# yum update libvirt
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
Resolving Dependencies
--> Running transaction check
---> Package libvirt.x86_64 0:4.5.0-10.el7_6.7 will be updated
---> Package libvirt.x86_64 0:4.5.0-10.7.el7.bclinux.6 will be an update
--> Processing Dependency: libvirt-libs = 4.5.0-10.7.el7.bclinux.6 for package: libvirt-4.5.0-10.7.el7.bclinux.6.x86_64
--> Processing Dependency: libvirt-daemon-driver-storage = 4.5.0-10.7.el7.bclinux.6 for package: libvirt-4.5.0-10.7.el7.bclinux.6.x86_64
--> Processing Dependency: libvirt-daemon-driver-secret = 4.5.0-10.7.el7.bclinux.6 for package: libvirt-4.5.0-10.7.el7.bclinux.6.x86_64
--> Processing Dependency: libvirt-daemon-driver-qemu = 4.5.0-10.7.el7.bclinux.6 for package: libvirt-4.5.0-10.7.el7.bclinux.6.x86_64
--> Processing Dependency: libvirt-daemon-driver-nwfilter = 4.5.0-10.7.el7.bclinux.6 for package: libvirt-4.5.0-10.7.el7.bclinux.6.x86_64
--> Processing Dependency: libvirt-daemon-driver-nodedev = 4.5.0-10.7.el7.bclinux.6 for package: libvirt-4.5.0-10.7.el7.bclinux.6.x86_64
--> Processing Dependency: libvirt-daemon-driver-network = 4.5.0-10.7.el7.bclinux.6 for package: libvirt-4.5.0-10.7.el7.bclinux.6.x86_64
--> Processing Dependency: libvirt-daemon-driver-lxc = 4.5.0-10.7.el7.bclinux.6 for package: libvirt-4.5.0-10.7.el7.bclinux.6.x86_64
--> Processing Dependency: libvirt-daemon-driver-interface = 4.5.0-10.7.el7.bclinux.6 for package: libvirt-4.5.0-10.7.el7.bclinux.6.x86_64
--> Processing Dependency: libvirt-daemon-config-nwfilter = 4.5.0-10.7.el7.bclinux.6 for package: libvirt-4.5.0-10.7.el7.bclinux.6.x86_64
--> Processing Dependency: libvirt-daemon-config-network = 4.5.0-10.7.el7.bclinux.6 for package: libvirt-4.5.0-10.7.el7.bclinux.6.x86_64
--> Processing Dependency: libvirt-daemon = 4.5.0-10.7.el7.bclinux.6 for package: libvirt-4.5.0-10.7.el7.bclinux.6.x86_64
--> Processing Dependency: libvirt-client = 4.5.0-10.7.el7.bclinux.6 for package: libvirt-4.5.0-10.7.el7.bclinux.6.x86_64
--> Running transaction check
---> Package libvirt-client.x86_64 0:4.5.0-10.el7_6.7 will be updated
---> Package libvirt-client.x86_64 0:4.5.0-10.7.el7.bclinux.6 will be an update
--> Processing Dependency: libvirt-bash-completion = 4.5.0-10.7.el7.bclinux.6 for package: libvirt-client-4.5.0-10.7.el7.bclinux.6.x86_64
---> Package libvirt-daemon.x86_64 0:4.5.0-10.el7_6.7 will be updated
--> Processing Dependency: libvirt-daemon = 4.5.0-10.el7_6.7 for package: libvirt-daemon-driver-storage-core-4.5.0-10.el7_6.7.x86_64
---> Package libvirt-daemon.x86_64 0:4.5.0-10.7.el7.bclinux.6 will be an update
---> Package libvirt-daemon-config-network.x86_64 0:4.5.0-10.el7_6.7 will be updated
---> Package libvirt-daemon-config-network.x86_64 0:4.5.0-10.7.el7.bclinux.6 will be an update
---> Package libvirt-daemon-config-nwfilter.x86_64 0:4.5.0-10.el7_6.7 will be updated
---> Package libvirt-daemon-config-nwfilter.x86_64 0:4.5.0-10.7.el7.bclinux.6 will be an update
---> Package libvirt-daemon-driver-interface.x86_64 0:4.5.0-10.el7_6.7 will be updated
---> Package libvirt-daemon-driver-interface.x86_64 0:4.5.0-10.7.el7.bclinux.6 will be an update
---> Package libvirt-daemon-driver-lxc.x86_64 0:4.5.0-10.el7_6.7 will be updated
---> Package libvirt-daemon-driver-lxc.x86_64 0:4.5.0-10.7.el7.bclinux.6 will be an update
---> Package libvirt-daemon-driver-network.x86_64 0:4.5.0-10.el7_6.7 will be updated
---> Package libvirt-daemon-driver-network.x86_64 0:4.5.0-10.7.el7.bclinux.6 will be an update
---> Package libvirt-daemon-driver-nodedev.x86_64 0:4.5.0-10.el7_6.7 will be updated
---> Package libvirt-daemon-driver-nodedev.x86_64 0:4.5.0-10.7.el7.bclinux.6 will be an update
---> Package libvirt-daemon-driver-nwfilter.x86_64 0:4.5.0-10.el7_6.7 will be updated
---> Package libvirt-daemon-driver-nwfilter.x86_64 0:4.5.0-10.7.el7.bclinux.6 will be an update
---> Package libvirt-daemon-driver-qemu.x86_64 0:4.5.0-10.el7_6.7 will be updated
---> Package libvirt-daemon-driver-qemu.x86_64 0:4.5.0-10.7.el7.bclinux.6 will be an update
---> Package libvirt-daemon-driver-secret.x86_64 0:4.5.0-10.el7_6.7 will be updated
---> Package libvirt-daemon-driver-secret.x86_64 0:4.5.0-10.7.el7.bclinux.6 will be an update
---> Package libvirt-daemon-driver-storage.x86_64 0:4.5.0-10.el7_6.7 will be updated
---> Package libvirt-daemon-driver-storage.x86_64 0:4.5.0-10.7.el7.bclinux.6 will be an update
--> Processing Dependency: libvirt-daemon-driver-storage-scsi = 4.5.0-10.7.el7.bclinux.6 for package: libvirt-daemon-driver-storage-4.5.0-10.7.el7.bclinux.6.x86_64
--> Processing Dependency: libvirt-daemon-driver-storage-rbd = 4.5.0-10.7.el7.bclinux.6 for package: libvirt-daemon-driver-storage-4.5.0-10.7.el7.bclinux.6.x86_64
--> Processing Dependency: libvirt-daemon-driver-storage-mpath = 4.5.0-10.7.el7.bclinux.6 for package: libvirt-daemon-driver-storage-4.5.0-10.7.el7.bclinux.6.x86_64
--> Processing Dependency: libvirt-daemon-driver-storage-logical = 4.5.0-10.7.el7.bclinux.6 for package: libvirt-daemon-driver-storage-4.5.0-10.7.el7.bclinux.6.x86_64
--> Processing Dependency: libvirt-daemon-driver-storage-iscsi = 4.5.0-10.7.el7.bclinux.6 for package: libvirt-daemon-driver-storage-4.5.0-10.7.el7.bclinux.6.x86_64
--> Processing Dependency: libvirt-daemon-driver-storage-gluster = 4.5.0-10.7.el7.bclinux.6 for package: libvirt-daemon-driver-storage-4.5.0-10.7.el7.bclinux.6.x86_64
--> Processing Dependency: libvirt-daemon-driver-storage-disk = 4.5.0-10.7.el7.bclinux.6 for package: libvirt-daemon-driver-storage-4.5.0-10.7.el7.bclinux.6.x86_64
---> Package libvirt-libs.x86_64 0:4.5.0-10.el7_6.7 will be updated
---> Package libvirt-libs.x86_64 0:4.5.0-10.7.el7.bclinux.6 will be an update
--> Running transaction check
---> Package libvirt-bash-completion.x86_64 0:4.5.0-10.el7_6.7 will be updated
---> Package libvirt-bash-completion.x86_64 0:4.5.0-10.7.el7.bclinux.6 will be an update
---> Package libvirt-daemon-driver-storage-core.x86_64 0:4.5.0-10.el7_6.7 will be updated
---> Package libvirt-daemon-driver-storage-core.x86_64 0:4.5.0-10.7.el7.bclinux.6 will be an update
---> Package libvirt-daemon-driver-storage-disk.x86_64 0:4.5.0-10.el7_6.7 will be updated
---> Package libvirt-daemon-driver-storage-disk.x86_64 0:4.5.0-10.7.el7.bclinux.6 will be an update
---> Package libvirt-daemon-driver-storage-gluster.x86_64 0:4.5.0-10.el7_6.7 will be updated
---> Package libvirt-daemon-driver-storage-gluster.x86_64 0:4.5.0-10.7.el7.bclinux.6 will be an update
---> Package libvirt-daemon-driver-storage-iscsi.x86_64 0:4.5.0-10.el7_6.7 will be updated
---> Package libvirt-daemon-driver-storage-iscsi.x86_64 0:4.5.0-10.7.el7.bclinux.6 will be an update
---> Package libvirt-daemon-driver-storage-logical.x86_64 0:4.5.0-10.el7_6.7 will be updated
---> Package libvirt-daemon-driver-storage-logical.x86_64 0:4.5.0-10.7.el7.bclinux.6 will be an update
---> Package libvirt-daemon-driver-storage-mpath.x86_64 0:4.5.0-10.el7_6.7 will be updated
---> Package libvirt-daemon-driver-storage-mpath.x86_64 0:4.5.0-10.7.el7.bclinux.6 will be an update
---> Package libvirt-daemon-driver-storage-rbd.x86_64 0:4.5.0-10.el7_6.7 will be updated
---> Package libvirt-daemon-driver-storage-rbd.x86_64 0:4.5.0-10.7.el7.bclinux.6 will be an update
---> Package libvirt-daemon-driver-storage-scsi.x86_64 0:4.5.0-10.el7_6.7 will be updated
---> Package libvirt-daemon-driver-storage-scsi.x86_64 0:4.5.0-10.7.el7.bclinux.6 will be an update
--> Finished Dependency Resolution

Dependencies Resolved

===================================================================================================================================================================================
 Package                                                      Arch                          Version                                           Repository                      Size
===================================================================================================================================================================================
Updating:
 libvirt                                                      x86_64                        4.5.0-10.7.el7.bclinux.6                          bc-virt                        186 k
Updating for dependencies:
 libvirt-bash-completion                                      x86_64                        4.5.0-10.7.el7.bclinux.6                          bc-virt                        186 k
 libvirt-client                                               x86_64                        4.5.0-10.7.el7.bclinux.6                          bc-virt                        482 k
 libvirt-daemon                                               x86_64                        4.5.0-10.7.el7.bclinux.6                          bc-virt                        830 k
 libvirt-daemon-config-network                                x86_64                        4.5.0-10.7.el7.bclinux.6                          bc-virt                        187 k
 libvirt-daemon-config-nwfilter                               x86_64                        4.5.0-10.7.el7.bclinux.6                          bc-virt                        193 k
 libvirt-daemon-driver-interface                              x86_64                        4.5.0-10.7.el7.bclinux.6                          bc-virt                        225 k
 libvirt-daemon-driver-lxc                                    x86_64                        4.5.0-10.7.el7.bclinux.6                          bc-virt                        318 k
 libvirt-daemon-driver-network                                x86_64                        4.5.0-10.7.el7.bclinux.6                          bc-virt                        398 k
 libvirt-daemon-driver-nodedev                                x86_64                        4.5.0-10.7.el7.bclinux.6                          bc-virt                        224 k
 libvirt-daemon-driver-nwfilter                               x86_64                        4.5.0-10.7.el7.bclinux.6                          bc-virt                        248 k
 libvirt-daemon-driver-qemu                                   x86_64                        4.5.0-10.7.el7.bclinux.6                          bc-virt                        735 k
 libvirt-daemon-driver-secret                                 x86_64                        4.5.0-10.7.el7.bclinux.6                          bc-virt                        215 k
 libvirt-daemon-driver-storage                                x86_64                        4.5.0-10.7.el7.bclinux.6                          bc-virt                        185 k
 libvirt-daemon-driver-storage-core                           x86_64                        4.5.0-10.7.el7.bclinux.6                          bc-virt                        423 k
 libvirt-daemon-driver-storage-disk                           x86_64                        4.5.0-10.7.el7.bclinux.6                          bc-virt                        216 k
 libvirt-daemon-driver-storage-gluster                        x86_64                        4.5.0-10.7.el7.bclinux.6                          bc-virt                        224 k
 libvirt-daemon-driver-storage-iscsi                          x86_64                        4.5.0-10.7.el7.bclinux.6                          bc-virt                        214 k
 libvirt-daemon-driver-storage-logical                        x86_64                        4.5.0-10.7.el7.bclinux.6                          bc-virt                        217 k
 libvirt-daemon-driver-storage-mpath                          x86_64                        4.5.0-10.7.el7.bclinux.6                          bc-virt                        212 k
 libvirt-daemon-driver-storage-rbd                            x86_64                        4.5.0-10.7.el7.bclinux.6                          bc-virt                        219 k
 libvirt-daemon-driver-storage-scsi                           x86_64                        4.5.0-10.7.el7.bclinux.6                          bc-virt                        213 k
 libvirt-libs                                                 x86_64                        4.5.0-10.7.el7.bclinux.6                          bc-virt                        4.2 M

Transaction Summary
===================================================================================================================================================================================
Upgrade  1 Package (+22 Dependent packages)

Total download size: 11 M
Is this ok [y/d/N]:

    3. 复查

    [root@BC-Linux7 ~]# rpm -qa libvirt
libvirt-4.5.0-10.7.el7.bclinux.6.x86_64

    4. 重启服务

    安装升级包以后,重启相关服务或服务器方能使更新生效。
    建议在重启之前,联系相关组件的使用者,确认重启的影响。

    外部链接

    1.BC-Linux安全更新

    posted in 系统更新
    Z
    zhoushoujian
  • BLSA-2019:0032 - [重要] python 安全更新公告

    问题描述

    本次安全更新修复了以下内容:

    • python: regression of CVE-2019-9636 due to functional fix to allow port numbers in netloc (CVE-2019-10160)

    影响版本

    • BigCloud Enterprise Linux 7.6

    更新类型

    • 缺陷更新:SA

    解决方案

    目前,BC-Linux 的官方源已经提供 python 的更新软件包,受影响的 BC-Linux 客户端用户需要升级到 python-2.7.5-80.el7_6 版本。

    1. 检查YUM源设置,确保使用的是 BC-Linux 官方YUM源

    [root@BC-Linux7 ~]# ll /etc/yum.repos.d/
total 24
-rw-r--r--. 1 root root  924 May 29 00:41 BCLinux-Base.repo
-rw-r--r--. 1 root root 1482 May 29 00:41 BCLinux-CR.repo
-rw-r--r--. 1 root root  669 May 29 00:41 BCLinux-Debuginfo.repo
-rw-r--r--. 1 root root 1763 May 29 00:41 BCLinux-Kernel.repo
-rw-r--r--. 1 root root  982 May 29 00:41 BCLinux-Source.repo

    2. 安装更新

    [root@BC-Linux7 ~]# yum update python
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
Resolving Dependencies
--> Running transaction check
---> Package python.x86_64 0:2.7.5-77.el7_6 will be updated
---> Package python.x86_64 0:2.7.5-80.el7_6 will be an update
--> Processing Dependency: python-libs(x86-64) = 2.7.5-80.el7_6 for package: python-2.7.5-80.el7_6.x86_64
--> Running transaction check
---> Package python-libs.x86_64 0:2.7.5-77.el7_6 will be updated
---> Package python-libs.x86_64 0:2.7.5-80.el7_6 will be an update
--> Finished Dependency Resolution

Dependencies Resolved

===================================================================================================================================================================================
 Package                                     Arch                                   Version                                          Repository                               Size
===================================================================================================================================================================================
Updating:
 python                                      x86_64                                 2.7.5-80.el7_6                                   updates                                  95 k
Updating for dependencies:
 python-libs                                 x86_64                                 2.7.5-80.el7_6                                   updates                                 5.6 M

Transaction Summary
===================================================================================================================================================================================
Upgrade  1 Package (+1 Dependent package)

Total download size: 5.7 M
Is this ok [y/d/N]:

    3. 复查

    [root@BC-Linux7 ~]# rpm -qa python
python-2.7.5-80.el7_6.x86_64

    4. 重启服务

    安装升级包以后,无需重启相关服务。

    外部链接

    1.BC-Linux安全更新

    posted in 系统更新
    Z
    zhoushoujian
  • BLSA-2019:0031 - [重要] kernel 安全更新公告

    问题描述

    本次安全更新修复了以下内容:

    • An integer overflow flaw was found in the way the Linux kernel's networking subsystem processed TCP Selective Acknowledgment (SACK) segments. While processing SACK segments, the Linux kernel's socket buffer (SKB) data structure becomes fragmented. Each fragment is about TCP maximum segment size (MSS) bytes. To efficiently process SACK blocks, the Linux kernel merges multiple fragmented SKBs into one, potentially overflowing the variable holding the number of segments. A remote attacker could use this flaw to crash the Linux kernel by sending a crafted sequence of SACK segments on a TCP connection with small value of TCP MSS, resulting in a denial of service (DoS). (CVE-2019-11477)
    • Kernel: tcp: excessive resource consumption while processing SACK blocks allows remote denial of service (CVE-2019-11478)
    • Kernel: tcp: excessive resource consumption for TCP connections with low MSS allows remote denial of service (CVE-2019-11479)

    影响版本

    • BigCloud Enterprise Linux 7.6

    更新类型

    • 缺陷更新:SA

    解决方案

    目前,BC-Linux 的官方源已经提供 kernel 的更新软件包,受影响的 BC-Linux 客户端用户需要升级到 kernel-3.10.0-957.21.3.el7 版本。

    1. 检查YUM源设置,确保使用的是 BC-Linux 官方YUM源

    [root@BC-Linux7 ~]# ll /etc/yum.repos.d/
total 24
-rw-r--r--. 1 root root  924 May 29 00:41 BCLinux-Base.repo
-rw-r--r--. 1 root root 1482 May 29 00:41 BCLinux-CR.repo
-rw-r--r--. 1 root root  669 May 29 00:41 BCLinux-Debuginfo.repo
-rw-r--r--. 1 root root 1763 May 29 00:41 BCLinux-Kernel.repo
-rw-r--r--. 1 root root  982 May 29 00:41 BCLinux-Source.repo

    2. 安装更新

    [root@BC-Linux7 ~]# yum update kernel
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
Resolving Dependencies
--> Running transaction check
---> Package kernel.x86_64 0:3.10.0-957.21.3.el7 will be installed
--> Finished Dependency Resolution

Dependencies Resolved

=========================================================================================================================================================================================================
 Package                                      Arch                                         Version                                                   Repository                                     Size
=========================================================================================================================================================================================================
Installing:
 kernel                                       x86_64                                       3.10.0-957.21.3.el7                                       updates                                        48 M

Transaction Summary
=========================================================================================================================================================================================================
Install  1 Package

Total download size: 48 M
Installed size: 63 M
Is this ok [y/d/N]:

    3. 复查

    [root@BC-Linux7 ~]# rpm -qa kernel
kernel-3.10.0-957.el7.x86_64
kernel-3.10.0-957.21.3.el7.x86_64

    4. 重启服务

    安装升级包以后,重启相关服务或服务器方能使更新生效。
    建议在重启之前,联系相关组件的使用者,确认重启的影响。

    外部链接

    1.BC-Linux安全更新

    posted in 系统更新
    Z
    zhoushoujian
  • BLSA-2019:0030 - [重要] kernel 安全更新公告

    问题描述

    Kernel包含Linux内核,这是任何Linux操作系统的核心。
    本次安全更新修复了以下内容:

    • Kernel: KVM: potential use-after-free via kvm_ioctl_create_device() (CVE-2019-6974)
    • Kernel: KVM: nVMX: use-after-free of the hrtimer for emulation of the preemption timer (CVE-2019-7221)

    影响版本

    • BigCloud Enterprise Linux 7.6

    更新类型

    • 缺陷更新:SA

    解决方案

    目前,BC-Linux 的官方源已经提供 kernel 的更新软件包,受影响的 BC-Linux 客户端用户需要升级到 kernel-3.10.0-957.12.1.el7 版本。

    1. 检查YUM源设置,确保使用的是 BC-Linux 官方YUM源

    [root@BC-Linux7 ~]# ll /etc/yum.repos.d/
total 24
-rw-r--r--. 1 root root  924 May 29 00:41 BCLinux-Base.repo
-rw-r--r--. 1 root root 1482 May 29 00:41 BCLinux-CR.repo
-rw-r--r--. 1 root root  669 May 29 00:41 BCLinux-Debuginfo.repo
-rw-r--r--. 1 root root 1763 May 29 00:41 BCLinux-Kernel.repo
-rw-r--r--. 1 root root  982 May 29 00:41 BCLinux-Source.repo

    2. 安装更新

    [root@BC-Linux7 ~]# yum install kernel-3.10.0-957.12.1.el7
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
Resolving Dependencies
--> Running transaction check
---> Package kernel.x86_64 0:3.10.0-957.12.1.el7 will be installed
--> Finished Dependency Resolution

Dependencies Resolved

===================================================================================================================================================================================
 Package                              Arch                                 Version                                             Repository                                     Size
===================================================================================================================================================================================
Installing:
 kernel                               x86_64                               3.10.0-957.12.1.el7                                 koji_local_test                                48 M

Transaction Summary
===================================================================================================================================================================================
Install  1 Package

Total download size: 48 M
Installed size: 63 M
Is this ok [y/d/N]:

    3. 复查

    [root@BC-Linux7 ~]# rpm -qa kernel
kernel-3.10.0-957.10.1.el7.x86_64
kernel-3.10.0-957.el7.x86_64
kernel-3.10.0-957.1.3.el7.x86_64
kernel-3.10.0-957.5.1.el7.x86_64
kernel-3.10.0-957.12.1.el7.x86_64

    4. 重启服务

    安装升级包以后,需要重启相关服务或服务器方能使更新生效。
    建议在重启之前,联系相关组件的使用者,确认重启的影响。

    外部链接

    1.BC-Linux安全更新

    posted in 系统更新
    Z
    zhoushoujian
  • BLSA-2019:0029 - [重要] mod_auth_mellon 安全更新公告

    问题描述

    Apache HTTP Server的mod_auth_mellon模块是实现SAML 2.0联合协议的身份验证服务。模块根据IdP服务器生成的断言中接收的属性授予访问权限。
    本次安全更新修复了以下问题:

    • mod_auth_mellon: authentication bypass in ECP flow (CVE-2019-3878)
    • mod_auth_mellon: open redirect in logout url when using URLs with backslashes (CVE-2019-3877)

    影响版本

    • BigCloud Enterprise Linux 7.6

    更新类型

    • 缺陷更新:SA

    解决方案

    目前,BC-Linux 的官方源已经提供 mod_auth_mellon 的更新软件包,受影响的 BC-Linux 客户端用户需要升级到 mod_auth_mellon-0.14.0-2.el7_6.4 版本。

    1. 检查YUM源设置,确保使用的是 BC-Linux 官方YUM源

    [root@BC-Linux7 ~]# ll /etc/yum.repos.d/
total 24
-rw-r--r--. 1 root root  924 May 29 00:41 BCLinux-Base.repo
-rw-r--r--. 1 root root 1482 May 29 00:41 BCLinux-CR.repo
-rw-r--r--. 1 root root  669 May 29 00:41 BCLinux-Debuginfo.repo
-rw-r--r--. 1 root root 1763 May 29 00:41 BCLinux-Kernel.repo
-rw-r--r--. 1 root root  982 May 29 00:41 BCLinux-Source.repo

    2. 安装更新

    [root@BC-Linux7 ~]# yum install mod_auth_mellon
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
Resolving Dependencies
--> Running transaction check
---> Package mod_auth_mellon.x86_64 0:0.14.0-2.el7_6.4 will be installed
--> Processing Dependency: httpd-mmn = 20120211x8664 for package: mod_auth_mellon-0.14.0-2.el7_6.4.x86_64
--> Processing Dependency: lasso >= 2.5.1 for package: mod_auth_mellon-0.14.0-2.el7_6.4.x86_64
--> Processing Dependency: liblasso.so.3()(64bit) for package: mod_auth_mellon-0.14.0-2.el7_6.4.x86_64
--> Running transaction check
---> Package httpd.x86_64 0:2.4.6-89.el7.6 will be installed
--> Processing Dependency: httpd-tools = 2.4.6-89.el7.6 for package: httpd-2.4.6-89.el7.6.x86_64
--> Processing Dependency: /etc/mime.types for package: httpd-2.4.6-89.el7.6.x86_64
--> Processing Dependency: libaprutil-1.so.0()(64bit) for package: httpd-2.4.6-89.el7.6.x86_64
--> Processing Dependency: libapr-1.so.0()(64bit) for package: httpd-2.4.6-89.el7.6.x86_64
---> Package lasso.x86_64 0:2.5.1-2.el7 will be installed
--> Running transaction check
---> Package apr.x86_64 0:1.4.8-3.el7_4.1 will be installed
---> Package apr-util.x86_64 0:1.5.2-6.el7 will be installed
---> Package httpd-tools.x86_64 0:2.4.6-89.el7.6 will be installed
---> Package mailcap.noarch 0:2.1.41-2.el7 will be installed
--> Finished Dependency Resolution

Dependencies Resolved

===================================================================================================================================================================================
 Package                                      Arch                                Version                                       Repository                                    Size
===================================================================================================================================================================================
Installing:
 mod_auth_mellon                              x86_64                              0.14.0-2.el7_6.4                              updates                                      1.3 M
Installing for dependencies:
 apr                                          x86_64                              1.4.8-3.el7_4.1                               base                                         103 k
 apr-util                                     x86_64                              1.5.2-6.el7                                   base                                          92 k
 httpd                                        x86_64                              2.4.6-89.el7.6                                koji_local_test                              1.2 M
 httpd-tools                                  x86_64                              2.4.6-89.el7.6                                koji_local_test                               90 k
 lasso                                        x86_64                              2.5.1-2.el7                                   base                                         191 k
 mailcap                                      noarch                              2.1.41-2.el7                                  base                                          31 k

Transaction Summary
===================================================================================================================================================================================
Install  1 Package (+6 Dependent packages)

Total download size: 2.9 M
Installed size: 7.3 M
Is this ok [y/d/N]:

    3. 复查

    [root@BC-Linux7 ~]# rpm -qa mod_auth_mellon
mod_auth_mellon-0.14.0-2.el7_6.4.x86_64

    4. 重启服务

    安装升级包以后,可能需要重启相关服务或服务器方能使更新生效。
    建议在重启之前,联系相关组件的使用者,确认重启的影响。

    外部链接

    1.BC-Linux安全更新

    posted in 系统更新
    Z
    zhoushoujian
  • BLSA-2019:0028 - [重要] python 安全更新公告

    问题描述

    Python是一种解释性的,交互式的,面向对象的编程语言,包括模块,类,异常,非常高级的动态数据类型和动态类型。Python支持许多系统调用和库以及各种窗口系统的接口。
    本次安全更新修复了以下内容:

    • python: Information Disclosure due to urlsplit improper NFKC normalization (CVE-2019-9636)

    影响版本

    • BigCloud Enterprise Linux 7.6

    更新类型

    • 缺陷更新:SA

    解决方案

    目前,BC-Linux 的官方源已经提供 python 的更新软件包,受影响的 BC-Linux 客户端用户需要升级到 python-2.7.5-77.el7_6 版本。

    1. 检查YUM源设置,确保使用的是 BC-Linux 官方YUM源

    [root@BC-Linux7 ~]# ll /etc/yum.repos.d/
total 24
-rw-r--r--. 1 root root  924 May 29 00:41 BCLinux-Base.repo
-rw-r--r--. 1 root root 1482 May 29 00:41 BCLinux-CR.repo
-rw-r--r--. 1 root root  669 May 29 00:41 BCLinux-Debuginfo.repo
-rw-r--r--. 1 root root 1763 May 29 00:41 BCLinux-Kernel.repo
-rw-r--r--. 1 root root  982 May 29 00:41 BCLinux-Source.repo

    2. 安装更新

    [root@BC-Linux7 ~]# yum install python-2.7.5-77.el7_6
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
Resolving Dependencies
--> Running transaction check
---> Package python.x86_64 0:2.7.5-76.el7 will be updated
---> Package python.x86_64 0:2.7.5-77.el7_6 will be an update
--> Processing Dependency: python-libs(x86-64) = 2.7.5-77.el7_6 for package: python-2.7.5-77.el7_6.x86_64
--> Running transaction check
---> Package python-libs.x86_64 0:2.7.5-76.el7 will be updated
---> Package python-libs.x86_64 0:2.7.5-77.el7_6 will be an update
--> Finished Dependency Resolution

Dependencies Resolved

===================================================================================================================================================================================
 Package                                     Arch                                   Version                                          Repository                               Size
===================================================================================================================================================================================
Updating:
 python                                      x86_64                                 2.7.5-77.el7_6                                   updates                                  94 k
Updating for dependencies:
 python-libs                                 x86_64                                 2.7.5-77.el7_6                                   updates                                 5.6 M

Transaction Summary
===================================================================================================================================================================================
Upgrade  1 Package (+1 Dependent package)

Total download size: 5.7 M
Is this ok [y/d/N]:

    3. 复查

    [root@BC-Linux7 ~]# rpm -qa python
python-2.7.5-77.el7_6.x86_64

    4. 重启服务

    安装升级包以后,无需重启相关服务。

    外部链接

    1.BC-Linux安全更新

    posted in 系统更新
    Z
    zhoushoujian
  • BLSA-2019:0027 - [重要] freerdp 安全更新公告

    问题描述

    FreeRDP是根据Apache许可证发布的远程桌面协议(RDP)的免费实现。xfreerdp客户端可以连接到RDP服务器,例如Microsoft Windows机器,xrdp和VirtualBox。
    本次安全更新修复了以下内容:

    • freerdp: Integer truncation leading to heap-based buffer overflow in update_read_bitmap_update() function (CVE-2018-8786)
    • freerdp: Integer overflow leading to heap-based buffer overflow in gdi_Bitmap_Decompress() function (CVE-2018-8787)
    • freerdp: Out-of-bounds write in nsc_rle_decode() function (CVE-2018-8788)

    影响版本

    • BigCloud Enterprise Linux 7.6

    更新类型

    • 缺陷更新:SA

    解决方案

    目前,BC-Linux 的官方源已经提供 freerdp 的更新软件包,受影响的 BC-Linux 客户端用户需要升级到 freerdp-1.0.2-15.el7_6.1 版本。

    1. 检查YUM源设置,确保使用的是 BC-Linux 官方YUM源

    [root@BC-Linux7 ~]# ll /etc/yum.repos.d/
total 24
-rw-r--r--. 1 root root  924 May 29 00:41 BCLinux-Base.repo
-rw-r--r--. 1 root root 1482 May 29 00:41 BCLinux-CR.repo
-rw-r--r--. 1 root root  669 May 29 00:41 BCLinux-Debuginfo.repo
-rw-r--r--. 1 root root 1763 May 29 00:41 BCLinux-Kernel.repo
-rw-r--r--. 1 root root  982 May 29 00:41 BCLinux-Source.repo

    2. 安装更新

    [root@BC-Linux7 ~]# yum install freerdp-1.0.2-15.el7_6.1
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
Resolving Dependencies
--> Running transaction check
---> Package freerdp.x86_64 0:1.0.2-15.el7_6.1 will be installed
--> Processing Dependency: freerdp-plugins(x86-64) = 1.0.2-15.el7_6.1 for package: freerdp-1.0.2-15.el7_6.1.x86_64
--> Processing Dependency: freerdp-libs(x86-64) = 1.0.2-15.el7_6.1 for package: freerdp-1.0.2-15.el7_6.1.x86_64
--> Processing Dependency: libxkbfile.so.1()(64bit) for package: freerdp-1.0.2-15.el7_6.1.x86_64
--> Processing Dependency: libfreerdp-utils.so.1.0()(64bit) for package: freerdp-1.0.2-15.el7_6.1.x86_64
--> Processing Dependency: libfreerdp-rail.so.1.0()(64bit) for package: freerdp-1.0.2-15.el7_6.1.x86_64
--> Processing Dependency: libfreerdp-kbd.so.1.0()(64bit) for package: freerdp-1.0.2-15.el7_6.1.x86_64
--> Processing Dependency: libfreerdp-gdi.so.1.0()(64bit) for package: freerdp-1.0.2-15.el7_6.1.x86_64
--> Processing Dependency: libfreerdp-core.so.1.0()(64bit) for package: freerdp-1.0.2-15.el7_6.1.x86_64
--> Processing Dependency: libfreerdp-codec.so.1.0()(64bit) for package: freerdp-1.0.2-15.el7_6.1.x86_64
--> Processing Dependency: libfreerdp-channels.so.1.0()(64bit) for package: freerdp-1.0.2-15.el7_6.1.x86_64
--> Processing Dependency: libfreerdp-cache.so.1.0()(64bit) for package: freerdp-1.0.2-15.el7_6.1.x86_64
--> Processing Dependency: libXv.so.1()(64bit) for package: freerdp-1.0.2-15.el7_6.1.x86_64
--> Processing Dependency: libXinerama.so.1()(64bit) for package: freerdp-1.0.2-15.el7_6.1.x86_64
--> Processing Dependency: libXcursor.so.1()(64bit) for package: freerdp-1.0.2-15.el7_6.1.x86_64
--> Running transaction check
---> Package freerdp-libs.x86_64 0:1.0.2-15.el7_6.1 will be installed
---> Package freerdp-plugins.x86_64 0:1.0.2-15.el7_6.1 will be installed
--> Processing Dependency: libpulse.so.0(PULSE_0)(64bit) for package: freerdp-plugins-1.0.2-15.el7_6.1.x86_64
--> Processing Dependency: libpulse.so.0()(64bit) for package: freerdp-plugins-1.0.2-15.el7_6.1.x86_64
--> Processing Dependency: libpcsclite.so.1()(64bit) for package: freerdp-plugins-1.0.2-15.el7_6.1.x86_64
---> Package libXcursor.x86_64 0:1.1.15-1.el7 will be installed
--> Processing Dependency: libXrender.so.1()(64bit) for package: libXcursor-1.1.15-1.el7.x86_64
--> Processing Dependency: libXfixes.so.3()(64bit) for package: libXcursor-1.1.15-1.el7.x86_64
---> Package libXinerama.x86_64 0:1.1.3-2.1.el7 will be installed
---> Package libXv.x86_64 0:1.0.11-1.el7 will be installed
---> Package libxkbfile.x86_64 0:1.0.9-3.el7 will be installed
--> Running transaction check
---> Package libXfixes.x86_64 0:5.0.3-1.el7 will be installed
---> Package libXrender.x86_64 0:0.9.10-1.el7 will be installed
---> Package pcsc-lite-libs.x86_64 0:1.8.8-8.el7 will be installed
---> Package pulseaudio-libs.x86_64 0:10.0-5.el7 will be installed
--> Processing Dependency: libsndfile.so.1(libsndfile.so.1.0)(64bit) for package: pulseaudio-libs-10.0-5.el7.x86_64
--> Processing Dependency: libsndfile.so.1()(64bit) for package: pulseaudio-libs-10.0-5.el7.x86_64
--> Processing Dependency: libasyncns.so.0()(64bit) for package: pulseaudio-libs-10.0-5.el7.x86_64
--> Processing Dependency: libXtst.so.6()(64bit) for package: pulseaudio-libs-10.0-5.el7.x86_64
--> Running transaction check
---> Package libXtst.x86_64 0:1.2.3-1.el7 will be installed
--> Processing Dependency: libXi.so.6()(64bit) for package: libXtst-1.2.3-1.el7.x86_64
---> Package libasyncns.x86_64 0:0.8-7.el7 will be installed
---> Package libsndfile.x86_64 0:1.0.25-10.el7 will be installed
--> Processing Dependency: libvorbisenc.so.2()(64bit) for package: libsndfile-1.0.25-10.el7.x86_64
--> Processing Dependency: libvorbis.so.0()(64bit) for package: libsndfile-1.0.25-10.el7.x86_64
--> Processing Dependency: libogg.so.0()(64bit) for package: libsndfile-1.0.25-10.el7.x86_64
--> Processing Dependency: libgsm.so.1()(64bit) for package: libsndfile-1.0.25-10.el7.x86_64
--> Processing Dependency: libFLAC.so.8()(64bit) for package: libsndfile-1.0.25-10.el7.x86_64
--> Running transaction check
---> Package flac-libs.x86_64 0:1.3.0-5.el7_1 will be installed
---> Package gsm.x86_64 0:1.0.13-11.el7 will be installed
---> Package libXi.x86_64 0:1.7.9-1.el7 will be installed
---> Package libogg.x86_64 2:1.3.0-7.el7 will be installed
---> Package libvorbis.x86_64 1:1.3.3-8.el7.1 will be installed
--> Finished Dependency Resolution

Dependencies Resolved

===================================================================================================================================================================================
 Package                                        Arch                                  Version                                         Repository                              Size
===================================================================================================================================================================================
Installing:
 freerdp                                        x86_64                                1.0.2-15.el7_6.1                                updates                                 58 k
Installing for dependencies:
 flac-libs                                      x86_64                                1.3.0-5.el7_1                                   base                                   169 k
 freerdp-libs                                   x86_64                                1.0.2-15.el7_6.1                                updates                                224 k
 freerdp-plugins                                x86_64                                1.0.2-15.el7_6.1                                updates                                 94 k
 gsm                                            x86_64                                1.0.13-11.el7                                   base                                    30 k
 libXcursor                                     x86_64                                1.1.15-1.el7                                    base                                    30 k
 libXfixes                                      x86_64                                5.0.3-1.el7                                     base                                    18 k
 libXi                                          x86_64                                1.7.9-1.el7                                     base                                    40 k
 libXinerama                                    x86_64                                1.1.3-2.1.el7                                   base                                    14 k
 libXrender                                     x86_64                                0.9.10-1.el7                                    base                                    26 k
 libXtst                                        x86_64                                1.2.3-1.el7                                     base                                    20 k
 libXv                                          x86_64                                1.0.11-1.el7                                    base                                    18 k
 libasyncns                                     x86_64                                0.8-7.el7                                       base                                    26 k
 libogg                                         x86_64                                2:1.3.0-7.el7                                   base                                    24 k
 libsndfile                                     x86_64                                1.0.25-10.el7                                   base                                   149 k
 libvorbis                                      x86_64                                1:1.3.3-8.el7.1                                 base                                   204 k
 libxkbfile                                     x86_64                                1.0.9-3.el7                                     base                                    83 k
 pcsc-lite-libs                                 x86_64                                1.8.8-8.el7                                     base                                    34 k
 pulseaudio-libs                                x86_64                                10.0-5.el7                                      base                                   651 k

Transaction Summary
===================================================================================================================================================================================
Install  1 Package (+18 Dependent packages)

Total download size: 1.9 M
Installed size: 9.2 M
Is this ok [y/d/N]:

    3. 复查

    [root@BC-Linux7 ~]# rpm -qa freerdp 
freerdp-1.0.2-15.el7_6.1.x86_64

    4. 重启服务

    安装升级包以后,无需重启相关服务。

    外部链接

    1.BC-Linux安全更新

    posted in 系统更新
    Z
    zhoushoujian
  • BLSA-2019:0026 - [重要] ghostscript 安全更新公告

    问题描述

    Ghostscript套件包含用于呈现PostScript和PDF文档的实用程序。Ghostscript将PostScript代码转换为常见的位图格式,以便可以显示或打印代码。
    本次安全更新修复了以下内容:

    • ghostscript: superexec operator is available (700585) (CVE-2019-3835)
    • ghostscript: forceput in DefineResource is still accessible (700576) (CVE-2019-3838)

    影响版本

    • BigCloud Enterprise Linux 7.6

    更新类型

    • 缺陷更新:SA

    解决方案

    目前,BC-Linux 的官方源已经提供 ghostscript 的更新软件包,受影响的 BC-Linux 客户端用户需要升级到 ghostscript-9.07-31.el7_6.10 版本。

    1. 检查YUM源设置,确保使用的是 BC-Linux 官方YUM源

    [root@BC-Linux7 ~]# ll /etc/yum.repos.d/
total 24
-rw-r--r--. 1 root root  924 May 29 00:41 BCLinux-Base.repo
-rw-r--r--. 1 root root 1482 May 29 00:41 BCLinux-CR.repo
-rw-r--r--. 1 root root  669 May 29 00:41 BCLinux-Debuginfo.repo
-rw-r--r--. 1 root root 1763 May 29 00:41 BCLinux-Kernel.repo
-rw-r--r--. 1 root root  982 May 29 00:41 BCLinux-Source.repo

    2. 安装更新

    [root@BC-Linux7 ~]# yum install ghostscript-9.07-31.el7_6.10
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
Resolving Dependencies
--> Running transaction check
---> Package ghostscript.x86_64 0:9.07-31.el7_6.9 will be updated
---> Package ghostscript.x86_64 0:9.07-31.el7_6.10 will be an update
--> Finished Dependency Resolution

Dependencies Resolved

===================================================================================================================================================================================
 Package                                     Arch                                   Version                                          Repository                               Size
===================================================================================================================================================================================
Updating:
 ghostscript                                 x86_64                                 9.07-31.el7_6.10                                 updates                                 4.3 M

Transaction Summary
===================================================================================================================================================================================
Upgrade  1 Package

Total download size: 4.3 M
Is this ok [y/d/N]:

    3. 复查

    [root@BC-Linux7 ~]# rpm -qa ghostscript
ghostscript-9.07-31.el7_6.10.x86_64

    4. 重启服务

    安装升级包以后,无需重启相关服务。

    外部链接

    1.BC-Linux安全更新

    posted in 系统更新
    Z
    zhoushoujian
  • BLSA-2019:0025 - [重要] kernel 安全更新公告

    问题描述

    Kernel包含Linux内核,这是任何Linux操作系统的核心。
    本次安全更新修复了以下内容:

    • kernel: Memory corruption due to incorrect socket cloning (CVE-2018-9568)
    • kernel: Unprivileged users able to inspect kernel stacks of arbitrary tasks (CVE-2018-17972)
    • kernel: Faulty computation of numberic bounds in the BPF verifier (CVE-2018-18445)

    影响版本

    • BigCloud Enterprise Linux 7.6

    更新类型

    • 缺陷更新:SA

    解决方案

    目前,BC-Linux 的官方源已经提供 kernel 的更新软件包,受影响的 BC-Linux 客户端用户需要升级到 kernel-3.10.0-957.10.1.el7 版本。

    1. 检查YUM源设置,确保使用的是 BC-Linux 官方YUM源

    [root@BC-Linux7 ~]# ll /etc/yum.repos.d/
total 24
-rw-r--r--. 1 root root  924 May 29 00:41 BCLinux-Base.repo
-rw-r--r--. 1 root root 1482 May 29 00:41 BCLinux-CR.repo
-rw-r--r--. 1 root root  669 May 29 00:41 BCLinux-Debuginfo.repo
-rw-r--r--. 1 root root 1763 May 29 00:41 BCLinux-Kernel.repo
-rw-r--r--. 1 root root  982 May 29 00:41 BCLinux-Source.repo

    2. 安装更新

    [root@BC-Linux7 ~]# yum install kernel-3.10.0-957.10.1.el7
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
Resolving Dependencies
--> Running transaction check
---> Package kernel.x86_64 0:3.10.0-957.10.1.el7 will be installed
--> Finished Dependency Resolution

Dependencies Resolved

===================================================================================================================================================================================
 Package                                Arch                                   Version                                               Repository                               Size
===================================================================================================================================================================================
Installing:
 kernel                                 x86_64                                 3.10.0-957.10.1.el7                                   updates                                  48 M

Transaction Summary
===================================================================================================================================================================================
Install  1 Package

Total download size: 48 M
Installed size: 63 M
Is this ok [y/d/N]:

    3. 复查

    [root@BC-Linux7 ~]# rpm -qa kernel
kernel-3.10.0-957.10.1.el7.x86_64
kernel-3.10.0-957.el7.x86_64
kernel-3.10.0-957.1.3.el7.x86_64
kernel-3.10.0-957.5.1.el7.x86_64

    4. 重启服务

    安装升级包以后,重启相关服务或服务器方能使更新生效。
    建议在重启之前,联系相关组件的使用者,确认重启的影响。

    外部链接

    1.BC-Linux安全更新

    posted in 系统更新
    Z
    zhoushoujian