Checking for critical security updates - RHEL
For RHEL 6 , need to check yum-security-plugin is installed (for RHEL 7 it has been incorporated into yum)
#rpm -qa | grep yum-plugin-security yum-plugin-security-1.1.30-14.el6.noarch
Check for critical security updates
# yum --security --sec-severity=Critical check-update Loaded plugins: package_upload, product-id, security, subscription-manager This system is receiving updates from Red Hat Subscription Management. rhel-6-server-rpms | 2.0 kB 00:00 rhel-6-server-rpms/primary | 29 MB 00:00 rhel-6-server-rpms 18431/18431 Limiting package lists to security relevant ones rhel-6-server-rpms/updateinfo | 3.3 MB 00:00 23 package(s) needed for security, out of 585 available glibc.i686 2.12-1.192.el6 rhel-6-server-rpms glibc.x86_64 2.12-1.192.el6 rhel-6-server-rpms glibc-common.x86_64 2.12-1.192.el6 rhel-6-server-rpms glibc-devel.x86_64 2.12-1.192.el6 rhel-6-server-rpms glibc-headers.x86_64 2.12-1.192.el6 rhel-6-server-rpms java-1.6.0-openjdk.x86_64 1:1.6.0.41-1.13.13.1.el6_8 rhel-6-server-rpms java-1.7.0-openjdk.x86_64 1:1.7.0.121-2.6.8.1.el6_8 rhel-6-server-rpms libsmbclient.x86_64 3.6.23-36.el6_8 rhel-6-server-rpms nscd.x86_64 2.12-1.192.el6 rhel-6-server-rpms nspr.x86_64 4.11.0-1.el6 rhel-6-server-rpms nss.x86_64 3.21.3-2.el6_8 rhel-6-server-rpms nss-sysinit.x86_64 3.21.3-2.el6_8 rhel-6-server-rpms nss-tools.x86_64 3.21.3-2.el6_8 rhel-6-server-rpms nss-util.x86_64 3.21.3-1.el6_8 rhel-6-server-rpms ruby.x86_64 1.8.7.374-4.el6_6 rhel-6-server-rpms ruby-libs.x86_64 1.8.7.374-4.el6_6 rhel-6-server-rpms samba.x86_64 3.6.23-36.el6_8 rhel-6-server-rpms samba-client.x86_64 3.6.23-36.el6_8 rhel-6-server-rpms samba-common.x86_64 3.6.23-36.el6_8 rhel-6-server-rpms samba-winbind.x86_64 3.6.23-36.el6_8 rhel-6-server-rpms samba-winbind-clients.x86_64 3.6.23-36.el6_8 rhel-6-server-rpms samba4-libs.x86_64 4.2.10-7.el6_8 rhel-6-server-rpms xulrunner.x86_64 17.0.10-1.el6_4 rhel-6-server-rpms
To find the advisory references
# yum --sec-severity=Critical updateinfo list Loaded plugins: package_upload, product-id, security, subscription-manager This system is receiving updates from Red Hat Subscription Management. rhel-6-server-rpms | 2.0 kB 0:00 RHSA-2016:0175 Critical/Sec. glibc-2.12-1.166.el6_7.7.i686 RHSA-2016:0175 Critical/Sec. glibc-common-2.12-1.166.el6_7.7.x86_64 RHSA-2016:0175 Critical/Sec. glibc-devel-2.12-1.166.el6_7.7.x86_64 RHSA-2016:0175 Critical/Sec. glibc-headers-2.12-1.166.el6_7.7.x86_64 RHSA-2013:0605 Critical/Sec. java-1.6.0-openjdk-1:1.6.0.0-1.57.1.11.9.el6_4.x86_64 RHSA-2013:0602 Critical/Sec. java-1.7.0-openjdk-1:1.7.0.9-2.3.8.0.el6_4.x86_64 RHSA-2013:0751 Critical/Sec. java-1.7.0-openjdk-1:1.7.0.19-2.3.9.1.el6_4.x86_64 RHSA-2013:0957 Critical/Sec. java-1.7.0-openjdk-1:1.7.0.25-2.3.10.3.el6_4.x86_64 RHSA-2013:1451 Critical/Sec. java-1.7.0-openjdk-1:1.7.0.45-2.4.3.2.el6_4.x86_64 RHSA-2014:0026 Critical/Sec. java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64 RHSA-2014:0406 Critical/Sec. java-1.7.0-openjdk-1:1.7.0.55-2.4.7.1.el6_5.x86_64 RHSA-2016:0053 Critical/Sec. java-1.7.0-openjdk-1:1.7.0.95-2.6.4.0.el6_7.x86_64 RHSA-2016:0511 Critical/Sec. java-1.7.0-openjdk-1:1.7.0.99-2.6.5.0.el6_7.x86_64 RHSA-2016:0675 Critical/Sec. java-1.7.0-openjdk-1:1.7.0.101-2.6.6.1.el6_7.x86_64 RHSA-2015:0251 Critical/Sec. libsmbclient-3.6.23-14.el6_6.x86_64 RHSA-2016:0611 Critical/Sec. libsmbclient-3.6.23-30.el6_7.x86_64 RHSA-2016:0175 Critical/Sec. nscd-2.12-1.166.el6_7.7.x86_64 RHSA-2014:0917 Critical/Sec. nspr-4.10.6-1.el6_5.x86_64 RHSA-2014:0917 Critical/Sec. nss-3.16.1-4.el6_5.x86_64 RHSA-2014:0917 Critical/Sec. nss-sysinit-3.16.1-4.el6_5.x86_64 RHSA-2014:0917 Critical/Sec. nss-tools-3.16.1-4.el6_5.x86_64 RHSA-2014:0917 Critical/Sec. nss-util-3.16.1-1.el6_5.x86_64 RHSA-2013:1764 Critical/Sec. ruby-1.8.7.352-13.el6.x86_64 RHSA-2013:1764 Critical/Sec. ruby-libs-1.8.7.352-13.el6.x86_64 RHSA-2015:0251 Critical/Sec. samba-3.6.23-14.el6_6.x86_64 RHSA-2016:0611 Critical/Sec. samba-3.6.23-30.el6_7.x86_64 RHSA-2015:0251 Critical/Sec. samba-client-3.6.23-14.el6_6.x86_64 RHSA-2016:0611 Critical/Sec. samba-client-3.6.23-30.el6_7.x86_64 RHSA-2015:0251 Critical/Sec. samba-common-3.6.23-14.el6_6.x86_64 RHSA-2016:0611 Critical/Sec. samba-common-3.6.23-30.el6_7.x86_64 RHSA-2015:0251 Critical/Sec. samba-winbind-3.6.23-14.el6_6.x86_64 RHSA-2016:0611 Critical/Sec. samba-winbind-3.6.23-30.el6_7.x86_64 RHSA-2015:0251 Critical/Sec. samba-winbind-clients-3.6.23-14.el6_6.x86_64 RHSA-2016:0611 Critical/Sec. samba-winbind-clients-3.6.23-30.el6_7.x86_64 RHSA-2015:0250 Critical/Sec. samba4-libs-4.0.0-66.el6_6.rc4.x86_64 RHSA-2013:0614 Critical/Sec. xulrunner-17.0.3-2.el6_4.x86_64 RHSA-2013:0696 Critical/Sec. xulrunner-17.0.5-1.el6_4.x86_64 RHSA-2013:0820 Critical/Sec. xulrunner-17.0.6-2.el6_4.x86_64 RHSA-2013:0981 Critical/Sec. xulrunner-17.0.7-1.el6_4.x86_64 RHSA-2013:1140 Critical/Sec. xulrunner-17.0.8-3.el6_4.x86_64 RHSA-2013:1268 Critical/Sec. xulrunner-17.0.9-1.el6_4.x86_64 RHSA-2013:1476 Critical/Sec. xulrunner-17.0.10-1.el6_4.x86_64 updateinfo list done
To find out detailed information about an update
#yum updateinfo RHSA-2016:0175 Loaded plugins: package_upload, product-id, security, subscription-manager This system is receiving updates from Red Hat Subscription Management. rhel-6-server-rpms | 2.0 kB 00:00 =============================================================================== Critical: glibc security and bug fix update =============================================================================== Update ID : RHSA-2016:0175 Release : Type : security Status : final Issued : 2016-02-16 00:00:00 Bugs : 1293532 - CVE-2015-7547 glibc: getaddrinfo stack-based buffer overflow CVEs : CVE-2015-7547 Description : The glibc packages provide the standard C libraries (libc),
etc…
Still stuck? Maybe we can help. Contact us at Upwork
Never miss a thing subscribe to our newsletter
or follow us on twitter
For more super cool techie stuff check out our blog!!
Recent Changes
Contribute to this wiki
Why not help others by sharing your knowledge? Contribute something to this wiki and
join out hall of fame!
Contact us for a user name and password