Installing the last version of percona-toolkit

Amir_Kheirabadi · September 13, 2024, 11:30am

Hello,

I’m working on addressing CVE-2023-45288 on a service that uses Percona. I noticed that this issue was resolved in the latest version (v3.6.0), but after reviewing the Dockerfile for our service, I found that instead of installing the latest version, it’s still installing version 3.5.7-1.el7 for some unknown reason. As a result, the vulnerability persists.

Here’s the relevant part of the Dockerfile that installs Percona Toolkit:

....
FROM amazonlinux:2 as release

# Percona + SQL installs
RUN yum update -y && \
    yum upgrade -y

RUN yum install -y https://repo.percona.com/yum/percona-release-latest.noarch.rpm && \
    percona-release enable pdps-8x-innovation

RUN yum update -y && yum install -y percona-toolkit
...

We’re wondering if there’s a possibility that some of the links in percona-release-latest.noarch.rpm might be broken or outdated, but we’re not certain. Do you have any insights on this?

matthewb · September 13, 2024, 4:25pm

percona-toolkit-3.6.0 indeed exists in the repo:
https://repo.percona.com/pt/yum/release/9/RPMS/x86_64/

Make sure you have enabled ‘pt’ repo for the toolkit.

You’re using amazon linux; I’m not sure how that translates to our repo URL.

Topic		Replies	Views
Percona-release no longer works	6	210	June 4, 2024
Percona Toolkit 2.2.20 is now available Percona Toolkit	1	711	February 18, 2017
percona-toolkit does not get updated to latest update via PERCONA repo servers Other MySQL® Questions	9	2149	July 14, 2020
Percona Toolkit on Amazon Linux Percona Toolkit	1	370	June 27, 2024
When will YUM repo be updated with 5.6.32 to patch CVE-2016-06662 ? Percona Server for MySQL 5.6	0	471	September 20, 2016

Installing the last version of percona-toolkit

Related topics