RadarURL
Skip to content

AdminID.kr 소프트웨어(Software)

Home 소프트웨어(Software) 운영체제(OS) 유닉스/리눅스
뷰어로 보기
2014.05.22 19:05

Linux YUM 을 이용하여 보안 업데이트를 진행해 보자

JAESOO
조회 수 1038 추천 수 0 댓글 0
?

단축키

Prev이전 문서

Next다음 문서

크게 작게 위로 아래로 댓글로 가기 인쇄
?

단축키

Prev이전 문서

Next다음 문서

크게 작게 위로 아래로 댓글로 가기 인쇄 
YUM 명령어를 이용하여 나의 시스템에 발생된 보안 업데이트를 진행해 보자
방법은 아래의 내용을 참고~!

@ yum-security plugin 설치
=======================================================
RHEL5 , RHEL6
# yum install yum-security
======================================================= 


@ 설치 가능한 보안 패치를 확인하는 방법
=======================================================
# yum list-security --security
=======================================================
# yum list-security --security
Loaded plugins: product-id, refresh-packagekit, rhnplugin, security, subscription-manager
This system is not registered to Red Hat Subscription Management. You can use subscription-manager to register.
This system is receiving updates from RHN Classic or RHN Satellite.
local                                                                                                                                  | 3.9 kB     00:00     
local/primary_db                                                                                                                       | 3.1 MB     00:00     
rhel-x86_64-server-6                                                                                                                   | 1.8 kB     00:00     
rhel-x86_64-server-6/primary                                                                                                           |  16 MB     00:01     
rhel-x86_64-server-6                                                                                                                              12316/12316
rhel-x86_64-server-6/updateinfo                                                                                                        | 2.0 MB     00:00     
RHSA-2013:1537 Low/Sec.       augeas-libs-1.0.0-5.el6.x86_64
RHSA-2014:0044 Moderate/Sec.  augeas-libs-1.0.0-5.el6_5.1.x86_64
RHSA-2013:0550 Moderate/Sec.  bind-libs-32:9.8.2-0.17.rc1.el6.3.x86_64
RHSA-2013:0689 Important/Sec. bind-libs-32:9.8.2-0.17.rc1.el6_4.4.x86_64
RHSA-2013:1114 Important/Sec. bind-libs-32:9.8.2-0.17.rc1.el6_4.5.x86_64

.
.
.

RHSA-2013:1620 Low/Sec.       xorg-x11-server-Xorg-1.13.0-23.el6.x86_64
RHSA-2013:1868 Important/Sec. xorg-x11-server-Xorg-1.13.0-23.1.el6_5.x86_64
RHSA-2013:1426 Important/Sec. xorg-x11-server-common-1.13.0-11.1.el6_4.2.x86_64
RHSA-2013:1620 Low/Sec.       xorg-x11-server-common-1.13.0-23.el6.x86_64
RHSA-2013:1868 Important/Sec. xorg-x11-server-common-1.13.0-23.1.el6_5.x86_64
RHSA-2013:0271 Critical/Sec.  xulrunner-17.0.3-1.el6_3.x86_64
RHSA-2013:0614 Critical/Sec.  xulrunner-17.0.3-2.el6_4.x86_64
RHSA-2013:0696 Critical/Sec.  xulrunner-17.0.5-1.el6_4.x86_64
RHSA-2013:0820 Critical/Sec.  xulrunner-17.0.6-2.el6_4.x86_64
RHSA-2013:0981 Critical/Sec.  xulrunner-17.0.7-1.el6_4.x86_64
RHSA-2013:1140 Critical/Sec.  xulrunner-17.0.8-3.el6_4.x86_64
RHSA-2013:1268 Critical/Sec.  xulrunner-17.0.9-1.el6_4.x86_64
RHSA-2013:1476 Critical/Sec.  xulrunner-17.0.10-1.el6_4.x86_64
RHSA-2013:0271 Critical/Sec.  yelp-2.28.1-17.el6_3.x86_64
updateinfo list done

 @ 현재 서버에 설치된 보안 패치를 확인하는 방법 
=======================================================
# yum updateinfo list security all
=======================================================
# yum list-security --security
Loaded plugins: product-id, refresh-packagekit, rhnplugin, security, subscription-manager
This system is not registered to Red Hat Subscription Management. You can use subscription-manager to register.
This system is receiving updates from RHN Classic or RHN Satellite.
RHSA-2013:1537 Low/Sec.       augeas-libs-1.0.0-5.el6.x86_64
RHSA-2014:0044 Moderate/Sec.  augeas-libs-1.0.0-5.el6_5.1.x86_64
RHSA-2013:0550 Moderate/Sec.  bind-libs-32:9.8.2-0.17.rc1.el6.3.x86_64
RHSA-2013:0689 Important/Sec. bind-libs-32:9.8.2-0.17.rc1.el6_4.4.x86_64
RHSA-2013:1114 Important/Sec. bind-libs-32:9.8.2-0.17.rc1.el6_4.5.x86_64
RHSA-2014:0043 Moderate/Sec.  bind-libs-32:9.8.2-0.23.rc1.el6_5.1.x86_64
RHSA-2013:0550 Moderate/Sec.  bind-utils-32:9.8.2-0.17.rc1.el6.3.x86_64
RHSA-2013:0689 Important/Sec. bind-utils-32:9.8.2-0.17.rc1.el6_4.4.x86_64
RHSA-2013:1114 Important/Sec. bind-utils-32:9.8.2-0.17.rc1.el6_4.5.x86_64
RHSA-2014:0043 Moderate/Sec.  bind-utils-32:9.8.2-0.23.rc1.el6_5.1.x86_64
RHSA-2013:0668 Moderate/Sec.  boost-1.41.0-15.el6_4.x86_64
RHSA-2013:0668 Moderate/Sec.  boost-date-time-1.41.0-15.el6_4.x86_64

.
.
.
RHSA-2013:1866 Moderate/Sec.  ca-certificates-2013.1.95-65.1.el6_5.noarch
RHSA-2013:1540 Low/Sec.       cheese-2.28.1-8.el6.x86_64
RHSA-2013:1540 Low/Sec.       control-center-1:2.28.1-39.el6.x86_64
RHSA-2013:1540 Low/Sec.       control-center-extra-1:2.28.1-39.el6.x86_64
RHSA-2013:1540 Low/Sec.       control-center-filesystem-1:2.28.1-39.el6.x86_64
RHSA-2013:1652 Low/Sec.       coreutils-8.4-31.el6.x86_64
updateinfo list done


@ 설치 가능한 보안 패치를 업데이트하는 방법
=======================================================
# yum update --security
=======================================================
#yum update --security
Loaded plugins: product-id, refresh-packagekit, rhnplugin, security,
              : subscription-manager
This system is not registered to Red Hat Subscription Management. You can use subscription-manager to register.
This system is receiving updates from RHN Classic or RHN Satellite.
Setting up Update Process
Resolving Dependencies
Limiting packages to security relevant ones
238 package(s) needed (+0 related) for security, out of 520 available
--> Running transaction check
---> Package augeas-libs.x86_64 0:0.9.0-4.el6 will be updated
---> Package augeas-libs.x86_64 0:1.0.0-5.el6_5.1 will be an update
---> Package bind-libs.x86_64 32:9.8.2-0.17.rc1.el6 will be updated
--> Processing Dependency: libboost_math_c99l.so.5()(64bit) for package: boost-devel-1.41.0-18.el6.x86_64
.
.
.
---> Package gtk2-immodule-xim.x86_64 0:2.20.1-4.el6 will be an update
---> Package netpbm.x86_64 0:10.47.05-11.el6 will be installed
--> Processing Conflict: xorg-x11-server-Xorg-1.13.0-23.1.el6_5.x86_64 conflicts xorg-x11-drv-synaptics < 1.6.2-13
--> Restarting Dependency Resolution with new changes.
--> Running transaction check
---> Package xorg-x11-drv-synaptics.x86_64 0:1.6.2-11.el6 will be updated
---> Package xorg-x11-drv-synaptics.x86_64 0:1.6.2-13.el6 will be an update
--> Processing Conflict: kernel-2.6.32-431.5.1.el6.x86_64 conflicts bfa-firmware < 3.2.21.1-2
--> Restarting Dependency Resolution with new changes.
--> Running transaction check
---> Package bfa-firmware.noarch 0:3.0.3.1-1.el6 will be updated
---> Package bfa-firmware.noarch 0:3.2.21.1-2.el6 will be an update
--> Finished Dependency Resolution

Dependencies Resolved

==============================================================================================================================================================
 Package                                        Arch                   Version                                     Repository                            Size
==============================================================================================================================================================
Installing:
 firefox                                        x86_64                 24.3.0-2.el6_5                              rhel-x86_64-server-6                  46 M
     replacing  firefox.x86_64 10.0.12-1.el6_3
 kernel                                         x86_64                 2.6.32-431.5.1.el6                          rhel-x86_64-server-6                  28 M
 .
.
.
 wireshark-gnome                                x86_64                 1.8.10-4.el6                                rhel-x86_64-server-6                 855 k
 xorg-x11-drv-synaptics                         x86_64                 1.6.2-13.el6                                rhel-x86_64-server-6                  73 k
 xorg-x11-server-Xephyr                         x86_64                 1.13.0-23.1.el6_5                           rhel-x86_64-server-6                 859 k
 Installing for dependencies:
 p11-kit                                        x86_64                 0.18.5-2.el6_5.2                            rhel-x86_64-server-6                  94 k
 p11-kit-trust                                  x86_64                 0.18.5-2.el6_5.2                            rhel-x86_64-server-6                  71 k
Updating for dependencies:
 atk                                            x86_64                 1.30.0-1.el6                                rhel-x86_64-server-6                 196 k
 libtevent                                      x86_64                 0.9.18-3.el6                                rhel-x86_64-server-6                  26 k
 python-rhsm                                    x86_64                 1.9.6-1.el6                                 rhel-x86_64-server-6                 100 k

Transaction Summary
==============================================================================================================================================================
Install      13 Package(s)
Upgrade     248 Package(s)

Total download size: 512 M
Is this ok [y/N]:

@ CVE 번호를 이용하여 특정 업데이트만 진행하는 방법
=======================================================
# yum update –cve <CVE>

e.g.

# yum update –cve CVE-2008-0947
=======================================================
# yum update –cve CVE-2013-2094
Loaded plugins: product-id, refresh-packagekit, rhnplugin, security, subscription-manager
This system is not registered to Red Hat Subscription Management. You can use subscription-manager to register.
This system is receiving updates from RHN Classic or RHN Satellite.
Setting up Update Process
Resolving Dependencies
Limiting packages to security relevant ones
3 package(s) needed (+0 related) for security, out of 520 available
–> Running transaction check
—> Package kernel-devel.x86_64 0:2.6.32-431.5.1.el6 will be installed
—> Package kernel-headers.x86_64 0:2.6.32-358.el6 will be updated
—> Package kernel-headers.x86_64 0:2.6.32-431.5.1.el6 will be an update
—> Package perf.x86_64 0:2.6.32-358.el6 will be updated
—> Package perf.x86_64 0:2.6.32-431.5.1.el6 will be an update
–> Finished Dependency Resolution

Dependencies Resolved

==============================================================================================================================================================
Package                              Arch                         Version                                   Repository                                  Size
==============================================================================================================================================================
Installing:
kernel-devel                         x86_64                       2.6.32-431.5.1.el6                        rhel-x86_64-server-6                       8.8 M
Updating:
kernel-headers                       x86_64                       2.6.32-431.5.1.el6                        rhel-x86_64-server-6                       2.8 M
perf                                 x86_64                       2.6.32-431.5.1.el6                        rhel-x86_64-server-6                       2.9 M

Transaction Summary
==============================================================================================================================================================
Install       1 Package(s)
Upgrade       2 Package(s)

Total download size: 14 M
Is this ok [y/N]:

관련 참고 : https://access.redhat.com/site/solutions/10021


출처 : http://blog.seabow.pe.kr/?p=5788

TAG •
Facebook Twitter Google Pinterest
위로 아래로 댓글로 가기 인쇄
에디터 선택하기
?
에디터 사용하기 닫기
List of Articles
번호 제목 글쓴이 날짜 조회 수
42 CentOS Network 설정 JAESOO 2014.05.26 997
41 RHEL 6.5 에서 bmc-watchdog[xxxx]: Log 가 발생되면서 rebooting 되는 문제 JAESOO 2014.05.22 1433
40 RHEL5, 6 Ctrl + Alt + Del 키 막기 JAESOO 2014.05.22 1213
» Linux YUM 을 이용하여 보안 업데이트를 진행해 보자 JAESOO 2014.05.22 1038
38 Red Hat RHN 등록이 왜? 안될까? ( RHN connection refused ) JAESOO 2014.05.22 1014
37 RHEL 6.5 Release… JAESOO 2014.05.22 1300
36 sulinux 2.0 + APM + Zend + eaccelerator + nginx + mrtg JAESOO 2014.05.22 1312
35 SULinux 2.0 GUI 버전 - GUI가 편하긴 하구나... JAESOO 2014.05.22 1766
34 sulinux APMtools 설치 위치 정리 JAESOO 2014.05.22 1378
33 howto: RHEL6 x86_64 + APM + mediawiki + CKEditor + IPA(LDAP) JAESOO 2014.05.22 2061
32 RedHat 계정 만들기 ( 평가용 서브스크립션 다운로드 ) JAESOO 2014.05.22 1165
31 리눅스 시스템 성능 모니터링(CPU, 메모리) JAESOO 2014.05.14 1358
30 Linux CPU, I/O, Memory 사용량 측정 JAESOO 2014.05.14 2171
29 리눅스 시스템 모니터링 시스템 최적화 JAESOO 2014.05.14 834
28 Conversion Struts to Spring MVC JAESOO 2014.05.09 907
27 Unix/Linux 디스크 용량 확인 명령어 (df/du) JAESOO 2014.05.09 1668
26 Spring 3.1 Overview JAESOO 2014.05.09 640
25 Spring MVC 에서 ContentNegotiatingViewResolver를 이용한 단일 RequestMapping 으로 Muilti-View 처리하기 JAESOO 2014.05.09 1337
24 Struts와 Spring의 Controller 의 차이는? JAESOO 2014.05.09 585
23 Spring MVC JAESOO 2014.05.09 792
쓰기
Board Pagination Prev 1 2 3 4 5 6 7 8 9 Next
/ 9

Recent Articles

Recent Comment

Recent Tag

PageViews   Today : 133 Yesterday : 2394 Total : 21713791  /  Counter Status   Today : 116 Yesterday : 1232 Total : 1142258

Edited by JAESOO

sketchbook5, 스케치북5

sketchbook5, 스케치북5

나눔글꼴 설치 안내


이 PC에는 나눔글꼴이 설치되어 있지 않습니다.

이 사이트를 나눔글꼴로 보기 위해서는
나눔글꼴을 설치해야 합니다.

설치 취소