Finding a directive issued by your organization listing several important CVEs (Common
Vulnerability and Exposures), you find one for Linux OpenSSH (CVE-2006-5764), which
might apply to your oracle Linux systems. What command would help ensure that a patch
has been applied to close this vulnerability on an Oracle Linux 6 system running OpenSSH
server?
A.
rpm –qa | grep openssh | grep 5794
B.
rpm –q – – changelog openssh | grep 5794
C.
yum sec – list cves | grep 5794
D.
yum sec – list cvesApplied
E.
yum listcves openssh
B:
https://www.linuxos.pro/update-openssh-cve-2015-5600-cve-2016-3115/
Once updated, you can verify that you’re patched by running the following commands:
# rpm -qa –changelog openssh|grep CVE-2015-5600
Explanation:
The command rpm -q –changelog rpm displays a detailed list of information (updates, configuration, modifications, etc.) about a specific package. This example shows information about the package rpm. However, only the last five change entries in the RPM database are listed. All entries (dating back the last two years) are included in the package itself.
This query only works if CD 1 is mounted at /media/cdrom: rpm -qp –changelog /media/cdrom/suse/i586/rpm-3*.rpm
*Is the patch RPM suitable for my system?
To check this, first query the installed version of the package. For pine, this can be done with rpm -q pine pine-4.44-188