security PCI
Broekman, Maarten
Maarten.Broekman at FMR.COM
Wed Nov 18 19:04:59 UTC 2009
You might also get lucky and have the CVE or RHSA listed in the changelog, which you can query with
$ rpm -q --changelog $rpmName
Unfortunately, from what I've seen the CVE or RHSA isn't _always_ listed there.
--Maarten
> -----Original Message-----
> From: redhat-sysadmin-list-bounces at redhat.com [mailto:redhat-sysadmin-list-bounces at redhat.com] On Behalf Of Pennington, John
> Sent: Wednesday, November 18, 2009 1:46 PM
> To: redhat-sysadmin-list at redhat.com
> Subject: RE: security PCI
>
> Thanks everyone for the replies.
>
> I'm running
>
> # rpm -q apr-util
> apr-util-1.2.7-7.el5_3.2
> apr-util-1.2.7-7.el5_3.2
>
> Which is greater than
>
> apr-util-devel-1.2.7-7.el5_3.1.i386.rpm
>
> listed in the advisory. So I guess I'm good.
>
> Thanks again to everyone.
>
> -J
>
> -----Original Message-----
> From: redhat-sysadmin-list-bounces at redhat.com [mailto:redhat-sysadmin-list-bounces at redhat.com] On Behalf Of James Olin Oden
> Sent: Wednesday, November 18, 2009 10:35 AM
> To: redhat-sysadmin-list at redhat.com
> Subject: Re: security PCI
>
> On Wed, Nov 18, 2009 at 1:24 PM, Pennington, John
> <penningt at uchastings.edu> wrote:
> > Hi all,
> >
> > I'm a little new to redhat so I apologize if this question is a bit basic.
> > We are doing some PCI auditing on one of our machines that is running
> > Redhat 5.4, and the scan found a few apache vulnerabilities. CVE-2009-0023
> > for example was on the list.
> >
> > When I go to the redhat website and look for that vulnerability it says it
> > is fixed in redhat 5 and provides a link to a page that shows: apr-util
> > security update Advisory: RHSA-2009:1107-1.
> >
> > My question is, what command do I use to verify that the RHSA-2009-1107-1
> > security update has been applied to my system?
> >
> These advisories should list the rpms that need to be applied to get
> the update. You then just get the versions of the rpms listed in the
> advisory via:
>
> rpm -q $rpmName
>
> If it is equal to or greater than the version in the advisory then you're
> good.
>
> Note, since you're a newbie to RedHat, I'll mention that rpms have two
> version attributes (actually 3 but only two are visible in the name),
> this would be the VERSION and RELEASE. Most rpms are named like:
>
> $NAME-$VERSION-$RELEASE.$ARCH.rpm
>
> Note $NAME can have -'s in it, so you have to scan backwards if you're
> scanning for the release and version.
>
> Cheers...james
>
> --
> redhat-sysadmin-list mailing list
> redhat-sysadmin-list at redhat.com
> https://www.redhat.com/mailman/listinfo/redhat-sysadmin-list
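Added example, not part of the original thread: a Python sketch of the check discussed above, splitting NAME-VERSION-RELEASE from the right and comparing VERSION and RELEASE segment by segment instead of as plain strings. The function names and the ARCHES set are assumptions of this example; the comparison is a simplified form of rpm's ordering that ignores the epoch and the `~` and `^` modifiers.

```python
import re

# Constructed, non-exhaustive set of arch suffixes (an assumption of this example).
ARCHES = {"i386", "i686", "x86_64", "ia64", "ppc", "ppc64", "s390", "s390x", "noarch", "src"}

def split_nvra(pkg):
    """Split NAME-VERSION-RELEASE[.ARCH][.rpm], scanning from the right because
    NAME itself may contain '-' (e.g. apr-util-devel)."""
    base = pkg[:-4] if pkg.endswith(".rpm") else pkg
    name, version, rest = base.rsplit("-", 2)
    release, _, arch = rest.rpartition(".")
    if arch not in ARCHES:          # `rpm -q` output normally has no arch suffix
        release, arch = rest, None
    return name, version, release, arch

def rpmvercmp(a, b):
    """Return 1, 0 or -1 comparing two VERSION or RELEASE strings segment by segment."""
    sa = re.findall(r"[0-9]+|[A-Za-z]+", a)
    sb = re.findall(r"[0-9]+|[A-Za-z]+", b)
    for x, y in zip(sa, sb):
        if x.isdigit() and y.isdigit():
            x, y = int(x), int(y)               # numeric: 10 > 9, leading zeros ignored
        elif x.isdigit() != y.isdigit():
            return 1 if x.isdigit() else -1     # a numeric segment beats an alphabetic one
        if x != y:
            return 1 if x > y else -1
    return (len(sa) > len(sb)) - (len(sa) < len(sb))   # extra trailing segments are newer

def meets_advisory(installed, advisory):
    """True when the installed VERSION-RELEASE is >= the advisory's (names are not compared)."""
    _, iv, ir, _ = split_nvra(installed)
    _, av, ar, _ = split_nvra(advisory)
    return (rpmvercmp(iv, av) or rpmvercmp(ir, ar)) >= 0

if __name__ == "__main__":
    # Values quoted in the thread above.
    installed = "apr-util-1.2.7-7.el5_3.2"
    advisory = "apr-util-devel-1.2.7-7.el5_3.1.i386.rpm"
    print(split_nvra(advisory))
    print(meets_advisory(installed, advisory))
```

On a live system, `rpm -q` output for every package named in the advisory would be fed to `meets_advisory`, one package at a time.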