http://www.cyberciti.biz/faq/linux-find-out-patch-can-cve-applied
I know how to update my system using the yum command. But, how can I find out that patch has been applied to a package? How do I search CVE patch number applied to a package under a Red Hat Enterprise Linux/CentOS/RHEL/Fedora Linux based system?
You need to use the rpm command. Each rpm package stores information about patches including date, small description and CVE number. You can use the -q query option to display change information for the package.
For example find out if CVE-2008-1927 has been applied to perl package or not, enter:
Sample output:
OR
Sample output:
I know how to update my system using the yum command. But, how can I find out that patch has been applied to a package? How do I search CVE patch number applied to a package under a Red Hat Enterprise Linux/CentOS/RHEL/Fedora Linux based system?
You need to use the rpm command. Each rpm package stores information about patches including date, small description and CVE number. You can use the -q query option to display change information for the package.
rpm –changelog option
Use the command as follows:rpm -q --changelog {package-name}
rpm -q --changelog {package-name} | more
rpm -q --changelog {package-name} | grep CVE-NUMBER
For example find out if CVE-2008-1927 has been applied to perl package or not, enter:
# rpm -q --changelog perl|grep CVE-2008-1927
Sample output:
- CVE-2008-1927 perl: double free on regular expressions with utf8 charactersList all applied patches for php, enter:
# rpm -q --changelog php
OR
# rpm -q --changelog php | more
Sample output:
* Tue Jun 03 2008 Joe Orton |
How do I find CVE for a rpm file itself?
Above command will query installed package only. To query rpm file, enter:$ rpm -qp --changelog rsnapshot-1.3.0-1.noarch.rpm | more
Further readings:
- rpm command man page: rpm(8)
No comments:
Post a Comment