Tracing Red Hat Security Errata to CentOS

Support for security such as Firewalls and securing linux
Post Reply
TEKFused
Posts: 4
Joined: 2019/05/21 15:10:31
Contact:

Tracing Red Hat Security Errata to CentOS

Post by TEKFused » 2019/05/21 15:18:34

Hello Everyone,

How do I verify that a Red Hat backported fix (aka security errata) was applied in the version of CentOS I am running? It is difficult to trace from Red Hat to CentOS, and I'm hoping that there is a CLI command I can use to verify that the security errata was installed.

The closest idea I have is to check the rpm's change log via the CLI. Any other ideas?

Thank you in advance!

Jake

User avatar
TrevorH
Site Admin
Posts: 33202
Joined: 2009/09/24 10:40:56
Location: Brighton, UK

Re: Tracing Red Hat Security Errata to CentOS

Post by TrevorH » 2019/05/21 15:26:24

Subscribe to the centos-announce mailing list and you will get mails about each update with links in them to the upstream errata page describing the fix and its severity. Once subscribed you can edit your preferences via the web and pick which versions and architectures you want to receive mails for.
The future appears to be RHEL or Debian. I think I'm going Debian.
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke

TEKFused
Posts: 4
Joined: 2019/05/21 15:10:31
Contact:

Re: Tracing Red Hat Security Errata to CentOS

Post by TEKFused » 2019/05/21 18:29:10

Thanks, Trevor. I will certainly do that!

Is the errata info not included in the rpm's change log? See here for example: https://www.cyberciti.biz/tips/howto-fi ... gelog.html

User avatar
TrevorH
Site Admin
Posts: 33202
Joined: 2009/09/24 10:40:56
Location: Brighton, UK

Re: Tracing Red Hat Security Errata to CentOS

Post by TrevorH » 2019/05/21 18:32:28

The CVE number is usually in the changelog but then you have to query each package to find it. And unless it's installed already then you have to track down the url for it and use rpm -qp --changelog http://.... to access it.
The future appears to be RHEL or Debian. I think I'm going Debian.
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke

TEKFused
Posts: 4
Joined: 2019/05/21 15:10:31
Contact:

Re: Tracing Red Hat Security Errata to CentOS

Post by TEKFused » 2019/05/21 18:45:08

Thank you for the info! I think this is my last question. I was looking at the announcements mailing list archives, but I didn't see a search feature: https://lists.centos.org/pipermail/centos-announce/

I can use Google to search, but wondered if I missed the search that is on the site. Thanks again!

User avatar
TrevorH
Site Admin
Posts: 33202
Joined: 2009/09/24 10:40:56
Location: Brighton, UK

Re: Tracing Red Hat Security Errata to CentOS

Post by TrevorH » 2019/05/21 19:17:38

I don't think there is a search function in mailman so google is your best option. Of course, once you are subscribed they get delivered to your inbox and can be processed from there.
The future appears to be RHEL or Debian. I think I'm going Debian.
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke

TEKFused
Posts: 4
Joined: 2019/05/21 15:10:31
Contact:

Re: Tracing Red Hat Security Errata to CentOS

Post by TEKFused » 2019/05/21 19:33:05

Thanks again for the info!

Post Reply