security PCI

Broekman, Maarten Maarten.Broekman at FMR.COM
Wed Nov 18 19:04:59 UTC 2009


You might also get lucky and have the CVE or RHSA listed in the changelog, which you can query with
$ rpm -q --changelog $rpmName

Unfortunately, from what I've seen the CVE or RHSA isn't _always_ listed there.

--Maarten

>  -----Original Message-----
>  From: redhat-sysadmin-list-bounces at redhat.com [mailto:redhat-sysadmin-list-bounces at redhat.com] On Behalf Of Pennington, John
>  Sent: Wednesday, November 18, 2009 1:46 PM
>  To: redhat-sysadmin-list at redhat.com
>  Subject: RE: security PCI
>  
>  Thanks everyone for the replies.
>  
>  I'm running
>  
>  # rpm -q apr-util
>  apr-util-1.2.7-7.el5_3.2
>  apr-util-1.2.7-7.el5_3.2
>  
>  Which is greater than
>  
>  apr-util-devel-1.2.7-7.el5_3.1.i386.rpm
>  
>  listed in the advisory. So I guess I'm good.
>  
>  Thanks again to everyone.
>  
>  -J
>  
>  -----Original Message-----
>  From: redhat-sysadmin-list-bounces at redhat.com [mailto:redhat-sysadmin-list-bounces at redhat.com] On Behalf Of James Olin Oden
>  Sent: Wednesday, November 18, 2009 10:35 AM
>  To: redhat-sysadmin-list at redhat.com
>  Subject: Re: security PCI
>  
>  On Wed, Nov 18, 2009 at 1:24 PM, Pennington, John
>  <penningt at uchastings.edu> wrote:
>  > Hi all,
>  >
>  > I'm a little new to redhat so I apologize if this question is a bit basic.
>  > We are doing some PCI auditing on one of our machines that is running
>  > Redhat 5.4, and the scan found a few apache vulnerabilities.  CVE-2009-0023
>  > for example was on the list.
>  >
>  > When I go to the redhat website and look for that vulnerability it says it
>  > is fixed in redhat 5 and provides a link to a page that shows: apr-util
>  > security update Advisory: RHSA-2009:1107-1.
>  >
>  > My question is, what command do I use to verify that the RHSA-2009-1107-1
>  > security update has been applied to my system?
>  >
>  These advisories should list the rpms that need to be applied to get
>  the update.   You then just get the versions of the rpms listed in the
>  advisory via:
>  
>      rpm -q $rpmName
>  
>  If it is equal to or greater than the version in the advisory then you're
>  good.
>  
>  Note, since you're a newbie to RedHat, I'll mention that rpms have two
>  version attributes (actually 3 but only two are visible in the name),
>  these would be the VERSION and RELEASE.  Most rpms are named like:
>  
>      $NAME-$VERSION-$RELEASE.$ARCH.rpm
>  
>  Note $NAME can have -'s in it, so you have to scan backwards if you're
>  scanning for the release and version.
>  
>  Cheers...james
>  
>  --
>  redhat-sysadmin-list mailing list
>  redhat-sysadmin-list at redhat.com
>  https://www.redhat.com/mailman/listinfo/redhat-sysadmin-list
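
The check described in this thread, as an added example that is not part of the original messages: split an advisory file name from the right, compare VERSION and RELEASE against what is installed, then look for the CVE or RHSA in the changelog. The function names are hypothetical, and `vercmp` is a simplified comparison written for this example, not rpm's own code; it ignores the epoch.

```shell
# split_nvra FILE -> "NAME VERSION RELEASE ARCH". NAME may contain '-', so the
# fields are peeled off from the right-hand end of the file name.
split_nvra() (
  f=${1%.rpm}
  arch=${f##*.}; f=${f%.*}
  rel=${f##*-};  f=${f%-*}
  ver=${f##*-};  name=${f%-*}
  printf '%s %s %s %s\n' "$name" "$ver" "$rel" "$arch"
)

# vercmp A B -> prints -1, 0 or 1. Simplified form of rpm's comparison: digit runs
# compare as numbers, letter runs as strings; epoch, '~' and '^' are not handled.
vercmp() {
  awk -v a="$1" -v b="$2" 'BEGIN {
    while (a != "" || b != "") {
      sub(/^[^A-Za-z0-9]+/, "", a); sub(/^[^A-Za-z0-9]+/, "", b)
      if (a == "" || b == "") break
      num = (a ~ /^[0-9]/); re = num ? "^[0-9]+" : "^[A-Za-z]+"
      match(a, re); x = substr(a, 1, RLENGTH); a = substr(a, RLENGTH + 1)
      if (!match(b, re)) { print (num ? 1 : -1); exit }   # digit run beats letter run
      y = substr(b, 1, RLENGTH); b = substr(b, RLENGTH + 1)
      if (num) { sub(/^0+/, "", x); sub(/^0+/, "", y) }
      if (num && length(x) != length(y)) { print (length(x) > length(y) ? 1 : -1); exit }
      if (x != y) { print (x > y ? 1 : -1); exit }
    }
    print (a != "" ? 1 : (b != "" ? -1 : 0))
  }'
}

# at_least INSTALLED_VERSION-RELEASE ADVISORY_FILE -> exit 0 when installed >= advisory.
at_least() (
  set -- "$1" $(split_nvra "$2")          # $3=VERSION $4=RELEASE of the advisory rpm
  c=$(vercmp "${1%-*}" "$3")
  [ "$c" -ne 0 ] || c=$(vercmp "${1##*-}" "$4")
  [ "$c" -ge 0 ]
)

# check_advisory_pkg ADVISORY_FILE [CVE-or-RHSA] -> needs rpm on the host. One line
# per installed instance (multilib hosts may hold one per arch), then changelog hits.
check_advisory_pkg() (
  set -- "$1" "${2:-}" $(split_nvra "$1")  # $3=NAME $4=VERSION $5=RELEASE
  rpm -q "$3" >/dev/null 2>&1 || { echo "$3: not installed"; exit 2; }
  rpm -q --qf '%{VERSION}-%{RELEASE} %{ARCH}\n' "$3" | while read -r vr arch; do
    if at_least "$vr" "$1"; then s="at or above"; else s="BELOW"; fi
    echo "$3.$arch $vr is $s advisory $4-$5"
  done
  [ -z "$2" ] || rpm -q --changelog "$3" | grep -- "$2" ||
    echo "$2 not in changelog (not conclusive, it is not always listed)"
)
```

With the values from the thread, the call would be `check_advisory_pkg apr-util-devel-1.2.7-7.el5_3.1.i386.rpm CVE-2009-0023`.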




