Overview
Patch updates on the servers are regular maintenance
activity for Linux administrator. In order to know the list of security, bugs
and vulnerabilities that have to be installed. We need to identify such
packages and install them.
This guide will help us in generating list of security, bug
fix and enhancement required packages report. Also, will install only bugfix
for understanding.
Applies To
Tested on RHEL 7, CentOS 7
Pre-Requisites
·
Works with yum package
management utility installed system
·
sudo
access if applicable
·
Internet access for the server to download
patches
Server Patches
Applying patches for the server is one of the most
important administrative task, wherein administrator has to verify, validate
and ensure proper patching is done from time to time.
List Patches Available
To get list of all types of updates available for the server, run the
command;
yum updateinfo list
List Update – Info
To get additional information about patch, run the command;
yum updateinfo info
List Update – Bugfix
To get list of bugfix updates for the server, run the
command;
yum updateinfo --bzs=1343609
List Update – Critical Severity
To get list of critical severity updates for the server, run
the command;
yum updateinfo list --security
--sec-severity=Critical
List Update – Important Severity
To get list of important severity updates for the server,
run the command;
yum updateinfo list --security
--sec-severity=Important
List Update – Moderate Severity
To get list of moderate severity updates for the server, run
the command;
yum updateinfo list --security
--sec-severity=Moderate
List Update – Enhancement
To get list of enhancements updates for the server, run the
command;
yum updateinfo list | grep
enhancement
Installing Update
Once you have generated the report and after analysis,
install the update or else you have an application related issues or server
outage.
Install Update – Specific Bugfix Update
yum update --bzs=1342511
Install Update – Security Update(s)
To install all security update(s), run the command;
yum update --security -y
Install Update – Minimal Security Only
To install all security with minimal update(s), run the
command;
yum update-minimal --security -y
Install Update – Specific Advisory Update Only
To install specific advisory update, run the command;
yum update
--advisory=RHBA-2016:0547
Install Update – Specific CVE Update Only
To install specific CVE update, run the command;
yum update --CVE=CVE-2012-2150
Redhat Advisories Portal
To read additional information about various advisories for
RHEL 7 Operating system, wherein all the types of available security, bugfix
& enhancements are listed on this portal.
No comments:
Post a Comment