vulnerabilities and patches for SUSE Linux 11 SP 1
Linux - ServerThis forum is for the discussion of Linux Software used in a server related context.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
vulnerabilities and patches for SUSE Linux 11 SP 1
Hi Team,
I am new to SUSE Linux and i got request that need to do remediation
vulnerabilities like (HTTPD,NTP etc)
i came to know that My SUSE Linux Enterprise Server 11 SP1 (x86_64) - Kernel
i want to upgrade the httpd. and ntpd(2.4.4 to latest) services , i have try below commands but could not.
zypper -update
zypper patch --cve=CVE-2013-5211
result:
Loading repository data...
Reading installed packages...
Fix for CVE issue number CVE-2013-5211 was not found or is not needed.
Resolving package dependencies...
Nothing to do.
Please suggest how to upgrade the services? or how to remediation
vulnerabilities?
Hi Team,
I am new to SUSE Linux and i got request that need to do remediation vulnerabilities like (HTTPD,NTP etc) i came to know that My SUSE Linux Enterprise Server 11 SP1 (x86_64) - Kernel i want to upgrade the httpd. and ntpd(2.4.4 to latest) services , i have try below commands but could not.
zypper -update
zypper patch --cve=CVE-2013-5211
result:
Loading repository data...
Reading installed packages...
Fix for CVE issue number CVE-2013-5211 was not found or is not needed.
Resolving package dependencies...
Nothing to do.
Please suggest how to upgrade the services? or how to remediation vulnerabilities?
Your post is confusing; if you got the job to perform these tasks, it's very odd you don't know how to perform them. Also, are there not any coworkers you can ask for assistance?? Be aware that none of us here are on your 'team', but will be glad to try to assist you.
You're using SuSE Enterprise...that is a commercial, pay-for distribution. Since that's the case, you are paying for support with SuSE...have you contacted them, or checked their knowledgebase? And based on what you posted, it would seem you have the latest versions already installed, so what are you actually trying to *FIX*??? Have you actually checked to see what versions of these programs you have installed currently?? Checked to see if there are any vulnerabilities in those versions?
Thanks @TB0ne
I have checked that in linux box and its is old ntpd service is running i.e ntpd - NTP daemon program - Ver. 4.2.4p8 and vulnerability team suggest us to upgrade to new version to avoid the vulnerability so i have download latest one ntp-4.2.8p10 after download i have done below steps
tar xvfz ntp-4.2.8p4.tar.gz
cd ntp-4.2.8p4/
./configure
make
make install
but when i check the version its shown old version
can please suggest how to overridden old one here?
Again I am asking you how you got this job, when it appears you lack the skills to do it, and am telling you to contact SuSE support with your paid-for SLES installation.
You tried to apply a security patch, and it told you that it wasn't needed...yet you are continuing. Why?? If you have a 'vulnerability team', then this 'team' should be well aware of the need to check the various distros websites, to see if this vulnerability even comes in to play. Did you try looking up that CVE number on the SLES site??? Since this is your job, I will leave it to you to go look it up...you may be interested in what you find.
And again, if you contacted SLES support you would get this same answer.
And running "make install" does absolutely NOTHING..unless you bothered to UNinstall the old version, stop the existing daemon, apply the old configuration to the NEW daemon, and start IT. You don't appear to have done any of that, and if you just ran "make install", you have now successfully removed your existing NTP configuration with a blank file, and when you try to restart, it won't work.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.