LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Enterprise Linux Forums > Linux - Enterprise
User Name
Password
Linux - Enterprise This forum is for all items relating to using Linux in the Enterprise.

Notices


Reply
  Search this Thread
Old 10-18-2017, 01:53 AM   #1
rhadmn
Member
 
Registered: Oct 2009
Location: Bangalore
Distribution: Redhat Linux, Solaris, CentOS
Posts: 34

Rep: Reputation: 1
RHEL 6 Patching


Hi Folks,

Greetings. I have got a list of 19 vulnerabilities in one of my server which needs to be patched. Kindly advice how can I go ahead with the same. Looking for an urgent solution.

OS Version: Red Hat Enterprise Linux Server release 6.8 (Santiago)
Kernel Version: 2.6.32-642.el6.x86_64

Regards,
RHADMN
 
Old 10-18-2017, 02:57 AM   #2
ondoho
LQ Addict
 
Registered: Dec 2013
Posts: 6,795
Blog Entries: 3

Rep: Reputation: 1635Reputation: 1635Reputation: 1635Reputation: 1635Reputation: 1635Reputation: 1635Reputation: 1635Reputation: 1635Reputation: 1635Reputation: 1635Reputation: 1635
a redhat certified engineer is asking this?

anyhow, if you don't show us the list, how could we possibly advise?

also, i'm sure a fellow LQ dweller will shortly be along and inform you of the commercial nature of redhat and your entitlement to support from them, not us.
 
2 members found this post helpful.
Old 10-18-2017, 03:50 AM   #3
rhadmn
Member
 
Registered: Oct 2009
Location: Bangalore
Distribution: Redhat Linux, Solaris, CentOS
Posts: 34

Original Poster
Rep: Reputation: 1
Hi Ondoho,

Opss !!! I did not mean the straight forward patching of the packages !!!

Here, please note that I do not have a subscription and I basically need an archive repo location from where we can download them. Tried to a good extend, but was not able to find an appropriate one. But I am sure someone would have already gone through my situation and have found a similar repo.

Also, just would like to avoid CentOS packages.

I will upload the vulnerability list shortly.
 
Old 10-18-2017, 03:58 AM   #4
!!!
Member
 
Registered: Jan 2017
Posts: 549

Rep: Reputation: 216Reputation: 216Reputation: 216
Is this RHEL stolen? Should the Police be called?
(I don't think LQ will provide a 'bootleg' repo!!!)

Since "urgent", Why didn't you post the full list info first time?

Yes, post the list, so people can advise. Best wishes.
https://www.open-scap.org/resources/...rhel-6-machine ?
https://www.stigviewer.com/stig/red_...rprise_linux_6 ?
wget https://www.cvedetails.com/vulnerabi...e-Linux-6.html | awk ...?

Last edited by !!!; 10-18-2017 at 04:26 AM.
 
Old 10-18-2017, 11:30 AM   #5
ondoho
LQ Addict
 
Registered: Dec 2013
Posts: 6,795
Blog Entries: 3

Rep: Reputation: 1635Reputation: 1635Reputation: 1635Reputation: 1635Reputation: 1635Reputation: 1635Reputation: 1635Reputation: 1635Reputation: 1635Reputation: 1635Reputation: 1635
Quote:
Originally Posted by rhadmn View Post
Hi Ondoho,

Opss !!! I did not mean the straight forward patching of the packages !!!

Here, please note that I do not have a subscription and I basically need an archive repo location from where we can download them. Tried to a good extend, but was not able to find an appropriate one. But I am sure someone would have already gone through my situation and have found a similar repo.

Also, just would like to avoid CentOS packages.

I will upload the vulnerability list shortly.
a very confusing post.
not sure i understand any of it.

maybe you should drop this questionable redhat installation and use centos instead.
 
1 members found this post helpful.
Old 10-18-2017, 01:28 PM   #6
TB0ne
LQ Guru
 
Registered: Jul 2003
Location: Birmingham, Alabama
Distribution: SuSE, RedHat, Slack,CentOS
Posts: 19,277

Rep: Reputation: 4443Reputation: 4443Reputation: 4443Reputation: 4443Reputation: 4443Reputation: 4443Reputation: 4443Reputation: 4443Reputation: 4443Reputation: 4443Reputation: 4443
Quote:
Originally Posted by rhadmn View Post
Hi Ondoho,
Opss !!! I did not mean the straight forward patching of the packages !!!
So what *DO* you mean when you said your server needed to be patched?
Quote:
Here, please note that I do not have a subscription and I basically need an archive repo location from where we can download them. Tried to a good extend, but was not able to find an appropriate one. But I am sure someone would have already gone through my situation and have found a similar repo. Also, just would like to avoid CentOS packages. I will upload the vulnerability list shortly.
No need to upload a list, since (as someone with a 'certification' knows), the only way to get this done is to PAY FOR RHEL. That's it; you pay for support and access to the Red Hat network, which provides packages/updates. That's it.

You've been working with Linux for at least eight years now, and list your occupation as a "Senior Systems Administrator". So you should know to either pay for RHEL, or use something else.
 
Old 10-18-2017, 04:40 PM   #7
John VV
LQ Muse
 
Registered: Aug 2005
Location: A2 area Mi.
Posts: 17,225

Rep: Reputation: 2521Reputation: 2521Reputation: 2521Reputation: 2521Reputation: 2521Reputation: 2521Reputation: 2521Reputation: 2521Reputation: 2521Reputation: 2521Reputation: 2521
BUY the required redhat support contract !!!

then it is very very very simple to update and install the security updates

Code:
su -
yum update
and that is it

SIMPLE
 
Old 10-19-2017, 01:03 PM   #8
!!!
Member
 
Registered: Jan 2017
Posts: 549

Rep: Reputation: 216Reputation: 216Reputation: 216
But if the CEO has put solely $min before legal&sensible reasoning,
And thus their CISO just Googles 'RHEL security vunlerabilities'
And gives the first-hit to the SA to implement for $min,
Rather than searching for a quick-fix from an anon untrusted repo,
Explain that security involves all applications (think Equifax).
Or just say "No.", for moral&professional reasons.

The OP, who seemed to try to be nicely helpful here in 2009-10,
Returned a few hours after my harsh post, but not since, I just noticed.

Idk what to do/say about TheWorld's trend toward such $min 'reasoning'.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Questions about Patching RHEL In the Enterprise...??? gdizzle Linux - Enterprise 5 08-27-2012 12:44 PM
centos vs rhel patching drManhattan Linux - Server 1 10-20-2011 03:26 PM
Rhel patching newcranium Linux - Newbie 6 04-13-2011 02:33 AM
RHEL Patching Strategy. jasoneh Red Hat 3 11-24-2008 04:19 PM
rhel 3 or 4 patching rekaye1005 Linux - Enterprise 2 01-26-2008 07:05 PM

LinuxQuestions.org > Forums > Enterprise Linux Forums > Linux - Enterprise

All times are GMT -5. The time now is 05:25 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration