security PCI

James Olin Oden james.oden at gmail.com
Wed Nov 18 18:35:11 UTC 2009


On Wed, Nov 18, 2009 at 1:24 PM, Pennington, John
<penningt at uchastings.edu> wrote:
> Hi all,
>
> I’m a little new to redhat so I apologize if this question is a bit basic.
> We are doing some PCI auditing on one of our machines that is running
> Redhat 5.4, and the scan found a few apache vulnerabilities. CVE-2009-0023,
> for example, was on the list.
>
> When I go to the redhat website and look for that vulnerability it says it
> is fixed in redhat 5 and provides a link to a page that shows: apr-util
> security update Advisory: RHSA-2009:1107-1.
>
> My question is, what command do I use to verify that the RHSA-2009-1107-1
> security update has been applied to my system?
>
These advisories should list the rpms that need to be applied to get
the update. You then just get the versions of the rpms listed in the
advisory via:

    rpm -q $rpmName

If it is equal to or greater than the version in the advisory then you're good.

Note, since you're a newbie to RedHat, I'll mention that rpms have two
version attributes (actually 3 but only two are visible in the name),
this would be the VERSION and RELEASE.  Most rpms are named like:

    $NAME-$VERSION-$RELEASE.$ARCH.rpm

Note $NAME can have -'s in it, so you have to scan backwards if you're
scanning for the release and version.

Cheers...james
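
The backwards scan described in the reply above, as an added example that is not part of the original message: the function name `parse_rpm_filename` is hypothetical and the sample file names are constructed, not taken from the advisory.

```shell
#!/bin/sh
# Added example: split an RPM file name of the form
#   $NAME-$VERSION-$RELEASE.$ARCH.rpm
# by scanning from the right, because $NAME may itself contain hyphens
# and $RELEASE may itself contain dots.

# parse_rpm_filename FILE   (hypothetical helper)
# Prints "NAME VERSION RELEASE ARCH"; returns 1 if FILE does not fit the pattern.
parse_rpm_filename() {
    f=${1##*/}                          # drop any directory part
    case $f in
        *.rpm) f=${f%.rpm} ;;           # require and strip the .rpm suffix
        *) return 1 ;;
    esac
    case $f in *.*) ;; *) return 1 ;; esac
    arch=${f##*.}                       # text after the last dot
    f=${f%.*}
    case $f in *-*-*) ;; *) return 1 ;; esac
    release=${f##*-}                    # text after the last hyphen
    f=${f%-*}
    version=${f##*-}                    # text after the next-to-last hyphen
    name=${f%-*}                        # everything left, hyphens included
    [ -n "$name" ] && [ -n "$version" ] && [ -n "$release" ] && [ -n "$arch" ] \
        || return 1
    printf '%s %s %s %s\n' "$name" "$version" "$release" "$arch"
}

# Constructed sample names (not the versions from any real advisory).
for sample in \
    apr-util-1.2.3-4.el5.x86_64.rpm \
    apr-util-devel-1.2.3-4.el5_1.2.i386.rpm \
    not-an-rpm.txt
do
    if fields=$(parse_rpm_filename "$sample"); then
        echo "$sample -> $fields"
    else
        echo "$sample -> not a NAME-VERSION-RELEASE.ARCH.rpm file name"
    fi
done
```

A left-to-right split on the first hyphen would report the name of the second sample as `apr`, which is why the fields are peeled off from the end.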



