Reviewing a directive issued by your organization that lists several important CVEs (Common
Vulnerabilities and Exposures), you find one for Linux OpenSSH (CVE-2006-5794), which might
apply to your Oracle Linux systems. What command would help ensure that a patch has been
applied to close this vulnerability on an Oracle Linux 6 system running OpenSSH server?
A. yum listcves openssh
B. rpm -qa | grep openssh | grep 5794
C. rpm -q --changelog openssh | grep 5794
D. yum sec-list cves | grep 5794
E. yum sec-list cvesApplied
Explanation:
* The command rpm -q --changelog rpm displays a detailed list of information
(updates, configuration, modifications, etc.) about a specific package. This example shows
information about the package rpm. However, only the last five change entries in the RPM
database are listed. All entries (dating back the last two years) are included in the package itself.
This query only works if CD 1 is mounted at /media/cdrom:
rpm -qp --changelog /media/cdrom/suse/i586/rpm-3*.rpm
* Is the patch RPM suitable for my system?
To check this, first query the installed version of the package. For pine, this can be done with
rpm -q pine
pine-4.44-188
The minus-minus space needs to be fixed. It's:
[root@host ~]# rpm -q --changelog openssh | grep 5794
- CVE-2006-5794 - properly detect failed key verify in monitor (#214641)
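
Added example, not part of the original question or its explanation: grepping the changelog for the bare number 5794 also matches unrelated text such as a bug number, so this sketch matches the full CVE ID as a whole token and reports which changelog entry carries the fix. The function names and the sample changelog (packager, versions, second entry) are constructed for illustration.

```bash
#!/bin/sh
# Added example. Function names are hypothetical; sample data is constructed.

# cve_fix_entries CVE-ID
# Reads `rpm -q --changelog <pkg>` output on stdin and prints
# "<entry header> :: <matching line>" for every line naming exactly that CVE.
cve_fix_entries() {
    awk -v cve="$1" '
        /^\* / { header = substr($0, 3); next }   # "* date packager - version"
        {
            # Split into tokens of letters, digits and hyphens, then compare
            # whole tokens: a bare bug number such as 215794 never matches.
            n = split($0, tok, "[^A-Za-z0-9-]+")
            for (i = 1; i <= n; i++)
                if (toupper(tok[i]) == toupper(cve)) {
                    print header " :: " $0
                    break
                }
        }'
}

# pkg_has_cve_fix PACKAGE CVE-ID
# Exit status 0 if the installed package changelog names the CVE.
pkg_has_cve_fix() {
    rpm -q --changelog "$1" | cve_fix_entries "$2" | grep -q .
}

# Constructed changelog in the layout rpm prints (not real openssh history).
sample_changelog() {
    cat <<'EOF'
* Mon Nov 20 2006 Example Packager <pkg@example.com> - 1.0-2
- CVE-2006-5794 - properly detect failed key verify in monitor (#214641)

* Tue Oct 03 2006 Example Packager <pkg@example.com> - 1.0-1
- unrelated constructed entry (#215794)
EOF
}

# Demo on the constructed data: prints only the entry that names the CVE.
sample_changelog | cve_fix_entries CVE-2006-5794
```

On a real system, pkg_has_cve_fix openssh CVE-2006-5794 runs the same check against the installed package. The changelog is the thing to check because a fix backported into a package does not necessarily change the upstream version number.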