RedHat (RHEL) kernel security and bug fix update tracking from CVE numbers

Aruba Employee

 

If you have a CVE number, here's how to use it to check whether AMP includes the fix:

1. Make sure you're on the latest release of AMP; kernel and bug fixes are typically included in patched updates.
2. Look up the CVE in RHEL: https://www.redhat.com/security/data/cve/
3. Find the RHEL errata link that describes where the fix is for RHEL5.
4. Look up the name of the source RPM in which the issue was first fixed.

You might see something like:
"RHEL Desktop Workstation (v. 5 client)
SRPMS:
httpd-2.2.3-11.el5_2.4.src.rpm
File outdated by: RHEA-2010:0252
MD5: bb08fcb31a0e4d23e6915da228c08b71"
We're focusing on 'httpd-2.2.3-11.el5_2.4.src.rpm'

5. Look up the RPM package that AMP is using (quote the pattern so the shell passes it to rpm unexpanded):
# rpm -qa '*package abbreviation*'

For example:
# rpm -qa '*httpd*'
aw-httpd-2.2.3-31.4

6. Compare the package in AMP to the package where the fix was sourced.

From our example:
aw-httpd-2.2.3-31.4
httpd-2.2.3-11.el5_2.4.src.rpm

Here we can see that the aw-httpd version number (2.2.3-31.4) is more recent than the httpd version (2.2.3-11). This verifies that the package in AMP has been updated and that the security issue is resolved.
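The comparison in step 6 can be scripted. The following is an added example, not part of the original article or of AMP: it splits both package strings into name, version and release and compares them segment by segment in the style of RPM's version ordering. The function names are hypothetical, and it assumes the AMP package name ends with the RHEL package name (as aw-httpd does) and that no epoch is present.

```python
import re

def split_nvr(pkg):
    """Split 'name-version-release[.src.rpm]' into (name, version, release)."""
    for suffix in (".rpm", ".src"):
        if pkg.endswith(suffix):
            pkg = pkg[:-len(suffix)]
    name, version, release = pkg.rsplit("-", 2)
    return name, version, release

def rpmvercmp(a, b):
    """Return 1, 0 or -1 using RPM-style segment comparison.

    Simplified: separators are ignored, numeric segments compare as
    integers, a numeric segment beats an alphabetic one, and the string
    with segments left over is newer. Epoch, '~' and '^' are not handled.
    """
    sa = re.findall(r"[0-9]+|[A-Za-z]+", a)
    sb = re.findall(r"[0-9]+|[A-Za-z]+", b)
    for x, y in zip(sa, sb):
        if x.isdigit() and y.isdigit():
            x, y = int(x), int(y)
        elif x.isdigit():
            return 1
        elif y.isdigit():
            return -1
        if x != y:
            return 1 if x > y else -1
    return (len(sa) > len(sb)) - (len(sa) < len(sb))

def fix_included(installed, fixed_srpm):
    """True if the installed package is at or past the fixed source RPM."""
    iname, iver, irel = split_nvr(installed)
    fname, fver, frel = split_nvr(fixed_srpm)
    if not iname.endswith(fname):  # assumption: vendor prefix + RHEL name
        raise ValueError("package names do not match: %s vs %s" % (iname, fname))
    result = rpmvercmp(iver, fver)
    if result == 0:  # same upstream version, so the release decides
        result = rpmvercmp(irel, frel)
    return result >= 0

if __name__ == "__main__":
    # Values taken from the example in this article.
    installed = "aw-httpd-2.2.3-31.4"
    fixed = "httpd-2.2.3-11.el5_2.4.src.rpm"
    print(installed, "includes fix:", fix_included(installed, fixed))
```
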

Version history: revision 4 of 4, last update 06-24-2014 10:39 AM