yum によるAmazon Linuxセキュリティパッチ更新
Contents
概要
- 今回は、yumコマンドを使ったLinux OS のセキュリティパッチ更新方法をまとめます。yum update コマンドはシステム構築で頻繁に使用しますが、サービス開始後のシステムではインパクトが大きいかと思います。一方で、日々公開される脆弱性の情報に対応するため、セキュリティパッチの更新は必須です。
- 以下に紹介するセキュリティ関連のyumコマンドを使用することで、Linux OS全体ではなく、セキュリティパッチのみを更新することが可能です。
- 対象OS は、Amazon Linux となります。(CentOS は対象外です)
OS を最新の状態に保つ
よく使う セキュリティ関連のyumコマンド
yum list updates --security (= yum check-update --security)- 利用可能なセキュリティアップデートのパッケージ一覧を取得します。
yum updateinfo- 利用可能なセキュリティアップデートのサマリーを表示します。
yum updateinfo list (= yum updateinfo security)- 利用可能なセキュリティアップデートを一覧で表示します。
yum updateinfo all- 利用可能なセキュリティアップデートの情報をfullで表示します。
yum updateinfo ALAS2-yyyy-nnnn- 特定のセキュリティアップデートに関する情報を表示します。
sudo yum update --security- 利用可能なセキュリティアップデートを更新する。
sudo yum update --advisory=ALAS2-yyyy-nnnn- 特定のセキュリティアップデートを更新する。
yumコマンドの実行サンプル
yum list updates –security
[ec2-user@ip-xx-xx-xx-xx ~]$ yum list updates --security
Loaded plugins: extras_suggestions, langpacks, priorities, update-motd
--> 2:cheese-camera-service-3.22.1-2.amzn2.x86_64 from amzn2-core excluded (updateinfo)
--> SDL2-static-2.0.10-1.amzn2.x86_64 from amzn2-core excluded (updateinfo)
--> libgomp-7.3.1-6.amzn2.0.4.x86_64 from amzn2-core excluded (updateinfo)
** 省略 **
--> runc-1.0.0-0.1.20190510.git2b18fe1.amzn2.x86_64 from amzn2extra-docker excluded (updateinfo)
--> docker-18.06.1ce-5.amzn2.x86_64 from amzn2extra-docker excluded (updateinfo)
--> docker-18.03.1ce-3.amzn2.x86_64 from amzn2extra-docker excluded (updateinfo)
26 package(s) needed for security, out of 45 available
Updated Packages
bind-export-libs.x86_64 32:9.11.4-26.P2.amzn2.4 amzn2-core
bind-libs.x86_64 32:9.11.4-26.P2.amzn2.4 amzn2-core
bind-libs-lite.x86_64 32:9.11.4-26.P2.amzn2.4 amzn2-core
bind-license.noarch 32:9.11.4-26.P2.amzn2.4 amzn2-core
bind-utils.x86_64 32:9.11.4-26.P2.amzn2.4 amzn2-core
cloud-init.noarch 19.3-43.amzn2 amzn2-core
glibc.x86_64 2.26-43.amzn2 amzn2-core
glibc-all-langpacks.x86_64 2.26-43.amzn2 amzn2-core
glibc-common.x86_64 2.26-43.amzn2 amzn2-core
glibc-locale-source.x86_64 2.26-43.amzn2 amzn2-core
glibc-minimal-langpack.x86_64 2.26-43.amzn2 amzn2-core
kernel.x86_64 4.14.225-169.362.amzn2 amzn2-core
kernel-tools.x86_64 4.14.225-169.362.amzn2 amzn2-core
libcrypt.x86_64 2.26-43.amzn2 amzn2-core
openssl.x86_64 1:1.0.2k-19.amzn2.0.6 amzn2-core
openssl-libs.x86_64 1:1.0.2k-19.amzn2.0.6 amzn2-core
perl.x86_64 4:5.16.3-299.amzn2.0.1 amzn2-core
perl-Pod-Escapes.noarch 1:1.04-299.amzn2.0.1 amzn2-core
perl-libs.x86_64 4:5.16.3-299.amzn2.0.1 amzn2-core
perl-macros.x86_64 4:5.16.3-299.amzn2.0.1 amzn2-core
python.x86_64 2.7.18-1.amzn2.0.3 amzn2-core
python-devel.x86_64 2.7.18-1.amzn2.0.3 amzn2-core
python-libs.x86_64 2.7.18-1.amzn2.0.3 amzn2-core
screen.x86_64 4.1.0-0.27.20120314git3c2946.amzn2 amzn2-core
sudo.x86_64 1.8.23-10.amzn2.1 amzn2-core
unzip.x86_64 6.0-43.amzn2 amzn2-core
yum updateinfo
[ec2-user@ip-xx-xx-xx-xx ~]$ yum updateinfo
Loaded plugins: extras_suggestions, langpacks, priorities, update-motd
Updates Information Summary: updates
14 Security notice(s)
1 critical Security notice(s)
8 important Security notice(s)
5 medium Security notice(s)
updateinfo summary done
yum updateinfo list
[ec2-user@ip-xx-xx-xx-xx ~]$ yum updateinfo list
Loaded plugins: extras_suggestions, langpacks, priorities, update-motd
ALAS2-2021-1614 important/Sec. bind-export-libs-32:9.11.4-26.P2.amzn2.4.x86_64
ALAS2-2021-1614 important/Sec. bind-libs-32:9.11.4-26.P2.amzn2.4.x86_64
ALAS2-2021-1614 important/Sec. bind-libs-lite-32:9.11.4-26.P2.amzn2.4.x86_64
ALAS2-2021-1614 important/Sec. bind-license-32:9.11.4-26.P2.amzn2.4.noarch
ALAS2-2021-1614 important/Sec. bind-utils-32:9.11.4-26.P2.amzn2.4.x86_64
ALAS2-2021-1620 medium/Sec. cloud-init-19.3-43.amzn2.noarch
ALAS2-2021-1599 important/Sec. glibc-2.26-40.amzn2.x86_64
ALAS2-2021-1605 important/Sec. glibc-2.26-41.amzn2.x86_64
ALAS2-2021-1615 medium/Sec. glibc-2.26-42.amzn2.x86_64
ALAS2-2021-1599 important/Sec. glibc-all-langpacks-2.26-40.amzn2.x86_64
ALAS2-2021-1605 important/Sec. glibc-all-langpacks-2.26-41.amzn2.x86_64
ALAS2-2021-1615 medium/Sec. glibc-all-langpacks-2.26-42.amzn2.x86_64
ALAS2-2021-1599 important/Sec. glibc-common-2.26-40.amzn2.x86_64
ALAS2-2021-1605 important/Sec. glibc-common-2.26-41.amzn2.x86_64
ALAS2-2021-1615 medium/Sec. glibc-common-2.26-42.amzn2.x86_64
ALAS2-2021-1599 important/Sec. glibc-locale-source-2.26-40.amzn2.x86_64
ALAS2-2021-1605 important/Sec. glibc-locale-source-2.26-41.amzn2.x86_64
ALAS2-2021-1615 medium/Sec. glibc-locale-source-2.26-42.amzn2.x86_64
ALAS2-2021-1599 important/Sec. glibc-minimal-langpack-2.26-40.amzn2.x86_64
ALAS2-2021-1605 important/Sec. glibc-minimal-langpack-2.26-41.amzn2.x86_64
ALAS2-2021-1615 medium/Sec. glibc-minimal-langpack-2.26-42.amzn2.x86_64
ALAS2-2021-1588 important/Sec. kernel-4.14.214-160.339.amzn2.x86_64
ALAS2-2021-1600 important/Sec. kernel-4.14.219-161.340.amzn2.x86_64
ALAS2-2021-1616 important/Sec. kernel-4.14.225-168.357.amzn2.x86_64
ALAS2-2021-1588 important/Sec. kernel-tools-4.14.214-160.339.amzn2.x86_64
ALAS2-2021-1600 important/Sec. kernel-tools-4.14.219-161.340.amzn2.x86_64
ALAS2-2021-1616 important/Sec. kernel-tools-4.14.225-168.357.amzn2.x86_64
ALAS2-2021-1599 important/Sec. libcrypt-2.26-40.amzn2.x86_64
ALAS2-2021-1605 important/Sec. libcrypt-2.26-41.amzn2.x86_64
ALAS2-2021-1615 medium/Sec. libcrypt-2.26-42.amzn2.x86_64
ALAS2-2021-1608 medium/Sec. openssl-1:1.0.2k-19.amzn2.0.6.x86_64
ALAS2-2021-1608 medium/Sec. openssl-libs-1:1.0.2k-19.amzn2.0.6.x86_64
ALAS2-2021-1610 medium/Sec. perl-4:5.16.3-299.amzn2.0.1.x86_64
ALAS2-2021-1610 medium/Sec. perl-Pod-Escapes-1:1.04-299.amzn2.0.1.noarch
ALAS2-2021-1610 medium/Sec. perl-libs-4:5.16.3-299.amzn2.0.1.x86_64
ALAS2-2021-1610 medium/Sec. perl-macros-4:5.16.3-299.amzn2.0.1.x86_64
ALAS2-2021-1611 medium/Sec. python-2.7.18-1.amzn2.0.3.x86_64
ALAS2-2021-1611 medium/Sec. python-devel-2.7.18-1.amzn2.0.3.x86_64
ALAS2-2021-1611 medium/Sec. python-libs-2.7.18-1.amzn2.0.3.x86_64
ALAS2-2021-1623 critical/Sec. screen-4.1.0-0.27.20120314git3c2946.amzn2.x86_64
ALAS2-2021-1590 important/Sec. sudo-1.8.23-4.amzn2.2.1.x86_64
ALAS2-2021-1604 important/Sec. unzip-6.0-43.amzn2.x86_64
updateinfo list done
yum updateinfo all
[ec2-user@ip-xx-xx-xx-xx ~]$ yum updateinfo all
Loaded plugins: extras_suggestions, langpacks, priorities, update-motd
===============================================================================
Amazon Linux 2 2017.12 - ALAS2-2018-955: important priority package update for 389-ds-base
===============================================================================
Update ID : ALAS2-2018-955
Release :
Type : security
Status : final
Issued : 2018-02-20 21:11
Updated : 2018-02-21 21:18 CVEs : CVE-2017-15134
Description : Package updates are available for Amazon Linux 2 that fix the
: following vulnerabilities: CVE-2017-15134:
: 1531573:
: CVE-2017-15134 389-ds-base: Remote DoS via search
: filters in slapi_filter_sprintf in slapd/util.c A
: stack buffer overflow flaw was found in the way
: 389-ds-base handled certain LDAP search filters. A
: remote, unauthenticated attacker could potentially
: use this flaw to make ns-slapd crash via a
: specially crafted LDAP request, thus resulting in
: denial of service.
Severity : important
Installed : false
** 省略 **
yum updateinfo ALAS2-yyyy-nnnn
[ec2-user@ip-xx-xx-xx-xx ~]$ yum updateinfo ALAS2-2021-1590
Loaded plugins: extras_suggestions, langpacks, priorities, update-motd
amzn2-core/2/x86_64 | 3.7 kB 00:00
===============================================================================
Amazon Linux 2 2017.12 - ALAS2-2021-1590: important priority package update for sudo
===============================================================================
Update ID : ALAS2-2021-1590
Release :
Type : security
Status : final
Issued : 2021-01-25 23:09
Updated : 2021-01-26 18:48 CVEs : CVE-2021-3156
Description : Package updates are available for Amazon Linux 2 that fix the
: following vulnerabilities: CVE-2021-3156:
:
: 99999:
Severity : important
updateinfo info done
sudo yum update –security
[ec2-user@ip-xx-xx-xx-xx ~]$ sudo yum update --security
Loaded plugins: extras_suggestions, langpacks, priorities, update-motd
amzn2-core | 3.7 kB 00:00
--> kpatch-runtime-0.8.0-4.amzn2.noarch from installed removed (updateinfo)
--> pyliblzma-0.5.3-11.amzn2.0.2.x86_64 from installed removed (updateinfo)
--> pygpgme-0.3-9.amzn2.0.3.x86_64 from amzn2-core removed (updateinfo)
--> libsss_nss_idmap-1.16.4-21.amzn2.x86_64 from installed removed (updateinfo)
--> amazon-cloudwatch-agent-1.247345.35-1.amzn2.x86_64 from @amzn2-core removed (updateinfo)
--> boost-system-1.53.0-27.amzn2.0.3.x86_64 from installed removed (updateinfo)
--> selinux-policy-targeted-3.13.1-192.amzn2.6.5.noarch from installed removed (updateinfo)
--> amazon-linux-extras-1.6.13-1.amzn2.noarch from installed removed (updateinfo)
--> pygpgme-0.3-9.amzn2.0.2.x86_64 from installed removed (updateinfo)
--> ca-certificates-2020.2.41-70.0.amzn2.0.1.noarch from amzn2-core removed (updateinfo)
--> sssd-client-1.16.4-21.amzn2.x86_64 from installed removed (updateinfo)
--> boost-thread-1.53.0-27.amzn2.0.3.x86_64 from installed removed (updateinfo)
--> pyliblzma-0.5.3-25.amzn2.x86_64 from amzn2-core removed (updateinfo)
--> amazon-cloudwatch-agent-1.247347.4-1.amzn2.x86_64 from amzn2-core removed (updateinfo)
--> ec2-net-utils-1.4-43.amzn2.noarch from amzn2-core removed (updateinfo)
--> ec2-utils-1.2-43.amzn2.noarch from amzn2-core removed (updateinfo)
--> kpatch-runtime-0.9.2-4.amzn2.noarch from amzn2-core removed (updateinfo)
--> libsss_idmap-1.16.5-10.amzn2.6.x86_64 from amzn2-core removed (updateinfo)
--> libsss_idmap-1.16.4-21.amzn2.x86_64 from installed removed (updateinfo)
--> selinux-policy-targeted-3.13.1-192.amzn2.6.7.noarch from amzn2-core removed (updateinfo)
--> amazon-linux-extras-2.0.0-1.amzn2.noarch from amzn2-core removed (updateinfo)
--> boost-thread-1.53.0-27.amzn2.0.5.x86_64 from amzn2-core removed (updateinfo)
--> amazon-linux-extras-yum-plugin-1.6.13-1.amzn2.noarch from installed removed (updateinfo)
--> selinux-policy-3.13.1-192.amzn2.6.7.noarch from amzn2-core removed (updateinfo)
--> sssd-client-1.16.5-10.amzn2.6.x86_64 from amzn2-core removed (updateinfo)
--> boost-date-time-1.53.0-27.amzn2.0.3.x86_64 from installed removed (updateinfo)
--> ec2-net-utils-1.4-3.amzn2.noarch from installed removed (updateinfo)
--> rng-tools-6.8-3.amzn2.0.4.x86_64 from installed removed (updateinfo)
--> amazon-linux-extras-yum-plugin-2.0.0-1.amzn2.noarch from amzn2-core removed (updateinfo)
--> yum-3.4.3-158.amzn2.0.5.noarch from amzn2-core removed (updateinfo)
--> libsss_nss_idmap-1.16.5-10.amzn2.6.x86_64 from amzn2-core removed (updateinfo)
--> selinux-policy-3.13.1-192.amzn2.6.5.noarch from installed removed (updateinfo)
--> boost-system-1.53.0-27.amzn2.0.5.x86_64 from amzn2-core removed (updateinfo)
--> rng-tools-6.8-3.amzn2.0.5.x86_64 from amzn2-core removed (updateinfo)
--> boost-date-time-1.53.0-27.amzn2.0.5.x86_64 from amzn2-core removed (updateinfo)
--> ec2-utils-1.2-3.amzn2.noarch from installed removed (updateinfo)
--> yum-3.4.3-158.amzn2.0.4.noarch from installed removed (updateinfo)
--> ca-certificates-2019.2.32-76.amzn2.0.3.noarch from installed removed (updateinfo)
26 package(s) needed (+0 related) for security, out of 45 available
Resolving Dependencies
--> Running transaction check
---> Package bind-export-libs.x86_64 32:9.11.4-26.P2.amzn2.2 will be updated
---> Package bind-export-libs.x86_64 32:9.11.4-26.P2.amzn2.4 will be an update
---> Package bind-libs.x86_64 32:9.11.4-26.P2.amzn2.2 will be updated
---> Package bind-libs.x86_64 32:9.11.4-26.P2.amzn2.4 will be an update
---> Package bind-libs-lite.x86_64 32:9.11.4-26.P2.amzn2.2 will be updated
---> Package bind-libs-lite.x86_64 32:9.11.4-26.P2.amzn2.4 will be an update
---> Package bind-license.noarch 32:9.11.4-26.P2.amzn2.2 will be updated
---> Package bind-license.noarch 32:9.11.4-26.P2.amzn2.4 will be an update
---> Package bind-utils.x86_64 32:9.11.4-26.P2.amzn2.2 will be updated
---> Package bind-utils.x86_64 32:9.11.4-26.P2.amzn2.4 will be an update
---> Package cloud-init.noarch 0:19.3-4.amzn2 will be updated
---> Package cloud-init.noarch 0:19.3-43.amzn2 will be an update
---> Package glibc.x86_64 0:2.26-39.amzn2 will be updated
---> Package glibc.x86_64 0:2.26-43.amzn2 will be an update
---> Package glibc-all-langpacks.x86_64 0:2.26-39.amzn2 will be updated
---> Package glibc-all-langpacks.x86_64 0:2.26-43.amzn2 will be an update
---> Package glibc-common.x86_64 0:2.26-39.amzn2 will be updated
---> Package glibc-common.x86_64 0:2.26-43.amzn2 will be an update
---> Package glibc-locale-source.x86_64 0:2.26-39.amzn2 will be updated
---> Package glibc-locale-source.x86_64 0:2.26-43.amzn2 will be an update
---> Package glibc-minimal-langpack.x86_64 0:2.26-39.amzn2 will be updated
---> Package glibc-minimal-langpack.x86_64 0:2.26-43.amzn2 will be an update
---> Package kernel.x86_64 0:4.14.225-169.362.amzn2 will be installed
---> Package kernel-tools.x86_64 0:4.14.209-160.339.amzn2 will be updated
---> Package kernel-tools.x86_64 0:4.14.225-169.362.amzn2 will be an update
---> Package libcrypt.x86_64 0:2.26-39.amzn2 will be updated
---> Package libcrypt.x86_64 0:2.26-43.amzn2 will be an update
---> Package openssl.x86_64 1:1.0.2k-19.amzn2.0.4 will be updated
---> Package openssl.x86_64 1:1.0.2k-19.amzn2.0.6 will be an update
---> Package openssl-libs.x86_64 1:1.0.2k-19.amzn2.0.4 will be updated
---> Package openssl-libs.x86_64 1:1.0.2k-19.amzn2.0.6 will be an update
---> Package perl.x86_64 4:5.16.3-294.amzn2 will be updated
---> Package perl.x86_64 4:5.16.3-299.amzn2.0.1 will be an update
---> Package perl-Pod-Escapes.noarch 1:1.04-294.amzn2 will be updated
---> Package perl-Pod-Escapes.noarch 1:1.04-299.amzn2.0.1 will be an update
---> Package perl-libs.x86_64 4:5.16.3-294.amzn2 will be updated
---> Package perl-libs.x86_64 4:5.16.3-299.amzn2.0.1 will be an update
---> Package perl-macros.x86_64 4:5.16.3-294.amzn2 will be updated
---> Package perl-macros.x86_64 4:5.16.3-299.amzn2.0.1 will be an update
---> Package python.x86_64 0:2.7.18-1.amzn2.0.2 will be updated
---> Package python.x86_64 0:2.7.18-1.amzn2.0.3 will be an update
---> Package python-devel.x86_64 0:2.7.18-1.amzn2.0.2 will be updated
---> Package python-devel.x86_64 0:2.7.18-1.amzn2.0.3 will be an update
---> Package python-libs.x86_64 0:2.7.18-1.amzn2.0.2 will be updated
---> Package python-libs.x86_64 0:2.7.18-1.amzn2.0.3 will be an update
---> Package screen.x86_64 0:4.1.0-0.25.20120314git3c2946.amzn2 will be updated
---> Package screen.x86_64 0:4.1.0-0.27.20120314git3c2946.amzn2 will be an update
---> Package sudo.x86_64 0:1.8.23-4.amzn2.2 will be updated
---> Package sudo.x86_64 0:1.8.23-10.amzn2.1 will be an update
---> Package unzip.x86_64 0:6.0-21.amzn2 will be updated
---> Package unzip.x86_64 0:6.0-43.amzn2 will be an update
--> Finished Dependency Resolution
Dependencies Resolved
================================================================================
Package Arch Version Repository Size
================================================================================
Installing:
kernel x86_64 4.14.225-169.362.amzn2 amzn2-core 21 M
Updating:
bind-export-libs x86_64 32:9.11.4-26.P2.amzn2.4 amzn2-core 1.1 M
bind-libs x86_64 32:9.11.4-26.P2.amzn2.4 amzn2-core 157 k
bind-libs-lite x86_64 32:9.11.4-26.P2.amzn2.4 amzn2-core 1.1 M
bind-license noarch 32:9.11.4-26.P2.amzn2.4 amzn2-core 91 k
bind-utils x86_64 32:9.11.4-26.P2.amzn2.4 amzn2-core 259 k
cloud-init noarch 19.3-43.amzn2 amzn2-core 925 k
glibc x86_64 2.26-43.amzn2 amzn2-core 3.3 M
glibc-all-langpacks x86_64 2.26-43.amzn2 amzn2-core 7.0 M
glibc-common x86_64 2.26-43.amzn2 amzn2-core 770 k
glibc-locale-source x86_64 2.26-43.amzn2 amzn2-core 3.2 M
glibc-minimal-langpack
x86_64 2.26-43.amzn2 amzn2-core 29 k
kernel-tools x86_64 4.14.225-169.362.amzn2 amzn2-core 140 k
libcrypt x86_64 2.26-43.amzn2 amzn2-core 49 k
openssl x86_64 1:1.0.2k-19.amzn2.0.6 amzn2-core 495 k
openssl-libs x86_64 1:1.0.2k-19.amzn2.0.6 amzn2-core 1.2 M
perl x86_64 4:5.16.3-299.amzn2.0.1 amzn2-core 8.0 M
perl-Pod-Escapes noarch 1:1.04-299.amzn2.0.1 amzn2-core 52 k
perl-libs x86_64 4:5.16.3-299.amzn2.0.1 amzn2-core 685 k
perl-macros x86_64 4:5.16.3-299.amzn2.0.1 amzn2-core 44 k
python x86_64 2.7.18-1.amzn2.0.3 amzn2-core 93 k
python-devel x86_64 2.7.18-1.amzn2.0.3 amzn2-core 403 k
python-libs x86_64 2.7.18-1.amzn2.0.3 amzn2-core 7.5 M
screen x86_64 4.1.0-0.27.20120314git3c2946.amzn2 amzn2-core 549 k
sudo x86_64 1.8.23-10.amzn2.1 amzn2-core 846 k
unzip x86_64 6.0-43.amzn2 amzn2-core 179 k
Transaction Summary
================================================================================
Install 1 Package
Upgrade 25 Packages
Total download size: 59 M
Is this ok [y/d/N]: y
Downloading packages:
** 省略 **
Installed:
kernel.x86_64 0:4.14.225-169.362.amzn2
Updated:
bind-export-libs.x86_64 32:9.11.4-26.P2.amzn2.4
bind-libs.x86_64 32:9.11.4-26.P2.amzn2.4
bind-libs-lite.x86_64 32:9.11.4-26.P2.amzn2.4
bind-license.noarch 32:9.11.4-26.P2.amzn2.4
bind-utils.x86_64 32:9.11.4-26.P2.amzn2.4
cloud-init.noarch 0:19.3-43.amzn2
glibc.x86_64 0:2.26-43.amzn2
glibc-all-langpacks.x86_64 0:2.26-43.amzn2
glibc-common.x86_64 0:2.26-43.amzn2
glibc-locale-source.x86_64 0:2.26-43.amzn2
glibc-minimal-langpack.x86_64 0:2.26-43.amzn2
kernel-tools.x86_64 0:4.14.225-169.362.amzn2
libcrypt.x86_64 0:2.26-43.amzn2
openssl.x86_64 1:1.0.2k-19.amzn2.0.6
openssl-libs.x86_64 1:1.0.2k-19.amzn2.0.6
perl.x86_64 4:5.16.3-299.amzn2.0.1
perl-Pod-Escapes.noarch 1:1.04-299.amzn2.0.1
perl-libs.x86_64 4:5.16.3-299.amzn2.0.1
perl-macros.x86_64 4:5.16.3-299.amzn2.0.1
python.x86_64 0:2.7.18-1.amzn2.0.3
python-devel.x86_64 0:2.7.18-1.amzn2.0.3
python-libs.x86_64 0:2.7.18-1.amzn2.0.3
screen.x86_64 0:4.1.0-0.27.20120314git3c2946.amzn2
sudo.x86_64 0:1.8.23-10.amzn2.1
unzip.x86_64 0:6.0-43.amzn2
Complete!
脆弱性の情報を調査する
Amazon Linux Security Center
- 以下のAmazon Linux Security Center より、Amazon Linux 2 のSecurity Advisory(ALAS2-yyyy-nnnn)の内容が確認できます。
https://alas.aws.amazon.com/alas2.html- 以下、Amazon Linux Security Center の画面サンプルです。
Red Hat CVE Database
- 以下のRed Hat CVE Database より、CVE(CVE-yyyy-nnnnn)の内容が確認できます。
https://access.redhat.com/security/security-updates/#/cve- 以下、Red Hat CVE Database の画面サンプルです。
参考情報
- RHEL のYUM コマンドチートシートです。
https://access.redhat.com/sites/default/files/attachments/rh...