Scribd Logo
Hochladen

Willkommen bei Scribd!

  • Find The Changelog Security Log of A Linux RPM Package

    Hochgeladen von

    Nandrianina Randrianarison
    9 Ansichten1 Seite
    Using --changelog option you can find out if particular security bug is fixed or not. For example php has serious buffer overflow in the bundled libxmlrpc library in php before v4.4.7, and 5.x before 5.2.2.

    Originalbeschreibung:

    Originaltitel

    Find the changelog security log of a Linux rpm package.docx

    Copyright

    © © All Rights Reserved

    Verfügbare Formate

    DOCX, PDF, TXT oder online auf Scribd lesen

    Stufen Sie dieses Dokument als nützlich ein?

    Sind diese Inhalte unangemessen?

    Dieses Dokument melden
    Using --changelog option you can find out if particular security bug is fixed or not. For example php has serious buffer overflow in the bundled libxmlrpc library in php before v4.4.7, and 5.x before 5.2.2.

    Copyright:

    © All Rights Reserved
    Als DOCX, PDF, TXT herunterladen oder online auf Scribd lesen
    Markieren Sie unangemessene Inhalte
    9 Ansichten1 Seite

    Find The Changelog Security Log of A Linux RPM Package

    Hochgeladen von

    Nandrianina Randrianarison
    Using --changelog option you can find out if particular security bug is fixed or not. For example php has serious buffer overflow in the bundled libxmlrpc library in php before v4.4.7, and 5.x before 5.2.2.

    Copyright:

    © All Rights Reserved
    Als DOCX, PDF, TXT herunterladen oder online auf Scribd lesen
    Markieren Sie unangemessene Inhalte
    von 1

    Find the changelog security log of a Linux rpm package

    Here is a little known secret that allows you to view the change log of a package. Using
    --changelog option you can find out if particular security bug is fixed or not. This is extremely
    useful option for production boxes.
    For example CVE-2007-1864 documents that php has serious buffer overflow in the bundled
    libxmlrpc library in PHP before v4.4.7, and 5.x before 5.2.2. It has unknown impact and
    remote attack vectors. Now how do you know if this bug is fixed or not in your installed php
    version? Simply type the following command:
    rpm -q --changelog php

    Better use piped out output using less:


    rpm -q --changelog php | less

    Following command look at the kernel package changelog:


    rpm -q --changelog kernel|less

    This option allows you to view change log w/o visiting vendors / distributions website. The
    --changelog option only works with rpm based package and distro such as RHEL / CentOS /
    Fedora / Suse etc. RPM is a very powerful utility and I hope this small tip will save lot of
    time. For more information read rpm command man page.

    Das könnte Ihnen auch gefallen