security PCI

Pennington, John penningt at uchastings.edu
Wed Nov 18 18:45:34 UTC 2009


Thanks everyone for the replies.

I'm running 

# rpm -q apr-util
apr-util-1.2.7-7.el5_3.2
apr-util-1.2.7-7.el5_3.2

Which is greater than 

apr-util-devel-1.2.7-7.el5_3.1.i386.rpm

listed in the advisory. So I guess I'm good.  

Thanks again to everyone.

-J

-----Original Message-----
From: redhat-sysadmin-list-bounces at redhat.com [mailto:redhat-sysadmin-list-bounces at redhat.com] On Behalf Of James Olin Oden
Sent: Wednesday, November 18, 2009 10:35 AM
To: redhat-sysadmin-list at redhat.com
Subject: Re: security PCI

On Wed, Nov 18, 2009 at 1:24 PM, Pennington, John
<penningt at uchastings.edu> wrote:
> Hi all,
>
> I'm a little new to redhat so I apologize if this question is a bit basic.
> We are doing some PCI auditing on one of our machines that is running
>  Redhat 5.4, and the scan found a few apache vulnerabilities.  CVE-2009-0023,
> for example, was on the list.
>
> When I go to the redhat website and look for that vulnerability it says it
> is fixed in redhat 5 and provides a link to a page that shows: apr-util
> security update Advisory: RHSA-2009:1107-1.
>
> My question is, what command do I use to  verify that the RHSA-2009-1107-1
> security update has been applied to my system?
>
These advisories should list the rpms that need to be applied to get
the update.   You then just get the versions of the rpms listed in the
advisory via:

    rpm -q $rpmName

If it is equal to or greater than the version in the advisory then you're good.

Note, since you're a newbie to RedHat, I'll mention that rpms have two
version attributes (actually 3 but only two are visible in the name),
this would be the VERSION and RELEASE.  Most rpms are named like:

    $NAME-$VERSION-$RELEASE.$ARCH.rpm

Note $NAME can have -'s in it, so you have to scan backwards if you're
scanning for the release and version.

Cheers...james

--
redhat-sysadmin-list mailing list
redhat-sysadmin-list at redhat.com
https://www.redhat.com/mailman/listinfo/redhat-sysadmin-list
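
The check discussed in this thread, as an added example that is not part of the original messages: it splits an rpm name from the right (because $NAME can contain -'s) and compares VERSION, then RELEASE, segment by segment. The function names are hypothetical, the comparison is a simplified form of rpm's version ordering (no '~' or '^' handling), and the epoch is assumed equal on both sides.

```python
import re

def split_rpm_filename(filename):
    """Split NAME-VERSION-RELEASE.ARCH.rpm, scanning from the right."""
    stem = filename[:-4] if filename.endswith(".rpm") else filename
    stem, arch = stem.rsplit(".", 1)               # last dot precedes ARCH
    name, version, release = stem.rsplit("-", 2)   # last two dashes bound VERSION and RELEASE
    return name, version, release, arch

def _segments(s):
    # Runs of digits or runs of letters; '.', '_' and the like only separate segments.
    return re.findall(r"\d+|[A-Za-z]+", s)

def vercmp(a, b):
    """Simplified rpm-style compare of two VERSION or RELEASE strings: -1, 0 or 1."""
    sa, sb = _segments(a), _segments(b)
    for x, y in zip(sa, sb):
        if x.isdigit() and y.isdigit():
            x, y = int(x), int(y)                  # numeric compare, so 10 > 9
        elif x.isdigit() != y.isdigit():
            return 1 if x.isdigit() else -1        # a numeric segment beats an alphabetic one
        if x != y:
            return 1 if x > y else -1
    # All shared segments equal: the string with segments left over is newer.
    return (len(sa) > len(sb)) - (len(sa) < len(sb))

def is_patched(installed_nvr, advisory_rpm):
    """True if `rpm -q` output (NAME-VERSION-RELEASE) is at or above the advisory's rpm."""
    _, inst_ver, inst_rel = installed_nvr.rsplit("-", 2)
    _, adv_ver, adv_rel, _ = split_rpm_filename(advisory_rpm)
    # RELEASE only decides the result when VERSION is identical.
    return (vercmp(inst_ver, adv_ver) or vercmp(inst_rel, adv_rel)) >= 0

if __name__ == "__main__":
    # Values quoted in the thread above.
    installed = "apr-util-1.2.7-7.el5_3.2"
    advisory = "apr-util-devel-1.2.7-7.el5_3.1.i386.rpm"
    print(split_rpm_filename(advisory))
    print("patched" if is_patched(installed, advisory) else "NOT patched")
```

On a live system, `rpm -q --qf '%{NAME}-%{VERSION}-%{RELEASE}\n' $rpmName` produces the NAME-VERSION-RELEASE string this expects.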



