yum によるAmazon Linuxセキュリティパッチ更新

4月 1, 2021AmazonLinux_CentOS,EC2,OperatingSystem,セキュリティ関連

概要

  • 今回は、yumコマンドを使ったLinux OS のセキュリティパッチ更新方法をまとめます。yum update コマンドはシステム構築で頻繁に使用しますが、サービス開始後のシステムではインパクトが大きいかと思います。一方で、日々公開される脆弱性の情報に対応するため、セキュリティパッチの更新は必須です。
  • 以下に紹介するセキュリティ関連のyumコマンドを使用することで、Linux OS全体ではなく、セキュリティパッチのみを更新することが可能です。
  • 対象OS は、Amazon Linux となります。(CentOS は対象外です)

 

OS を最新の状態に保つ

よく使う セキュリティ関連のyumコマンド

  • yum list updates --security  (= yum check-update --security)
    • 利用可能なセキュリティアップデートのパッケージ一覧を取得します。
  • yum updateinfo
    • 利用可能なセキュリティアップデートのサマリーを表示します。
  • yum updateinfo list  (= yum updateinfo security)
    • 利用可能なセキュリティアップデートを一覧で表示します。
  • yum updateinfo all
    • 利用可能なセキュリティアップデートの情報をfullで表示します。
  • yum updateinfo ALAS2-yyyy-nnnn
    • 特定のセキュリティアップデートに関する情報を表示します。
  • sudo yum update --security
    • 利用可能なセキュリティアップデートを更新する。
  • sudo yum update --advisory=ALAS2-yyyy-nnnn
    • 特定のセキュリティアップデートを更新する。

 

yumコマンドの実行サンプル

yum list updates –security

[ec2-user@ip-xx-xx-xx-xx ~]$ yum list updates --security
Loaded plugins: extras_suggestions, langpacks, priorities, update-motd
 --> 2:cheese-camera-service-3.22.1-2.amzn2.x86_64 from amzn2-core excluded (updateinfo)
 --> SDL2-static-2.0.10-1.amzn2.x86_64 from amzn2-core excluded (updateinfo)
 --> libgomp-7.3.1-6.amzn2.0.4.x86_64 from amzn2-core excluded (updateinfo)

** 省略 **

 --> runc-1.0.0-0.1.20190510.git2b18fe1.amzn2.x86_64 from amzn2extra-docker excluded (updateinfo)
 --> docker-18.06.1ce-5.amzn2.x86_64 from amzn2extra-docker excluded (updateinfo)
 --> docker-18.03.1ce-3.amzn2.x86_64 from amzn2extra-docker excluded (updateinfo)
26 package(s) needed for security, out of 45 available
Updated Packages
bind-export-libs.x86_64         32:9.11.4-26.P2.amzn2.4               amzn2-core
bind-libs.x86_64                32:9.11.4-26.P2.amzn2.4               amzn2-core
bind-libs-lite.x86_64           32:9.11.4-26.P2.amzn2.4               amzn2-core
bind-license.noarch             32:9.11.4-26.P2.amzn2.4               amzn2-core
bind-utils.x86_64               32:9.11.4-26.P2.amzn2.4               amzn2-core
cloud-init.noarch               19.3-43.amzn2                         amzn2-core
glibc.x86_64                    2.26-43.amzn2                         amzn2-core
glibc-all-langpacks.x86_64      2.26-43.amzn2                         amzn2-core
glibc-common.x86_64             2.26-43.amzn2                         amzn2-core
glibc-locale-source.x86_64      2.26-43.amzn2                         amzn2-core
glibc-minimal-langpack.x86_64   2.26-43.amzn2                         amzn2-core
kernel.x86_64                   4.14.225-169.362.amzn2                amzn2-core
kernel-tools.x86_64             4.14.225-169.362.amzn2                amzn2-core
libcrypt.x86_64                 2.26-43.amzn2                         amzn2-core
openssl.x86_64                  1:1.0.2k-19.amzn2.0.6                 amzn2-core
openssl-libs.x86_64             1:1.0.2k-19.amzn2.0.6                 amzn2-core
perl.x86_64                     4:5.16.3-299.amzn2.0.1                amzn2-core
perl-Pod-Escapes.noarch         1:1.04-299.amzn2.0.1                  amzn2-core
perl-libs.x86_64                4:5.16.3-299.amzn2.0.1                amzn2-core
perl-macros.x86_64              4:5.16.3-299.amzn2.0.1                amzn2-core
python.x86_64                   2.7.18-1.amzn2.0.3                    amzn2-core
python-devel.x86_64             2.7.18-1.amzn2.0.3                    amzn2-core
python-libs.x86_64              2.7.18-1.amzn2.0.3                    amzn2-core
screen.x86_64                   4.1.0-0.27.20120314git3c2946.amzn2    amzn2-core
sudo.x86_64                     1.8.23-10.amzn2.1                     amzn2-core
unzip.x86_64                    6.0-43.amzn2                          amzn2-core

 

yum updateinfo

[ec2-user@ip-xx-xx-xx-xx ~]$ yum updateinfo
Loaded plugins: extras_suggestions, langpacks, priorities, update-motd
Updates Information Summary: updates
    14 Security notice(s)
         1 critical Security notice(s)
         8 important Security notice(s)
         5 medium Security notice(s)
updateinfo summary done

 

yum updateinfo list

[ec2-user@ip-xx-xx-xx-xx ~]$ yum updateinfo list
Loaded plugins: extras_suggestions, langpacks, priorities, update-motd
ALAS2-2021-1614 important/Sec. bind-export-libs-32:9.11.4-26.P2.amzn2.4.x86_64
ALAS2-2021-1614 important/Sec. bind-libs-32:9.11.4-26.P2.amzn2.4.x86_64
ALAS2-2021-1614 important/Sec. bind-libs-lite-32:9.11.4-26.P2.amzn2.4.x86_64
ALAS2-2021-1614 important/Sec. bind-license-32:9.11.4-26.P2.amzn2.4.noarch
ALAS2-2021-1614 important/Sec. bind-utils-32:9.11.4-26.P2.amzn2.4.x86_64
ALAS2-2021-1620 medium/Sec.    cloud-init-19.3-43.amzn2.noarch
ALAS2-2021-1599 important/Sec. glibc-2.26-40.amzn2.x86_64
ALAS2-2021-1605 important/Sec. glibc-2.26-41.amzn2.x86_64
ALAS2-2021-1615 medium/Sec.    glibc-2.26-42.amzn2.x86_64
ALAS2-2021-1599 important/Sec. glibc-all-langpacks-2.26-40.amzn2.x86_64
ALAS2-2021-1605 important/Sec. glibc-all-langpacks-2.26-41.amzn2.x86_64
ALAS2-2021-1615 medium/Sec.    glibc-all-langpacks-2.26-42.amzn2.x86_64
ALAS2-2021-1599 important/Sec. glibc-common-2.26-40.amzn2.x86_64
ALAS2-2021-1605 important/Sec. glibc-common-2.26-41.amzn2.x86_64
ALAS2-2021-1615 medium/Sec.    glibc-common-2.26-42.amzn2.x86_64
ALAS2-2021-1599 important/Sec. glibc-locale-source-2.26-40.amzn2.x86_64
ALAS2-2021-1605 important/Sec. glibc-locale-source-2.26-41.amzn2.x86_64
ALAS2-2021-1615 medium/Sec.    glibc-locale-source-2.26-42.amzn2.x86_64
ALAS2-2021-1599 important/Sec. glibc-minimal-langpack-2.26-40.amzn2.x86_64
ALAS2-2021-1605 important/Sec. glibc-minimal-langpack-2.26-41.amzn2.x86_64
ALAS2-2021-1615 medium/Sec.    glibc-minimal-langpack-2.26-42.amzn2.x86_64
ALAS2-2021-1588 important/Sec. kernel-4.14.214-160.339.amzn2.x86_64
ALAS2-2021-1600 important/Sec. kernel-4.14.219-161.340.amzn2.x86_64
ALAS2-2021-1616 important/Sec. kernel-4.14.225-168.357.amzn2.x86_64
ALAS2-2021-1588 important/Sec. kernel-tools-4.14.214-160.339.amzn2.x86_64
ALAS2-2021-1600 important/Sec. kernel-tools-4.14.219-161.340.amzn2.x86_64
ALAS2-2021-1616 important/Sec. kernel-tools-4.14.225-168.357.amzn2.x86_64
ALAS2-2021-1599 important/Sec. libcrypt-2.26-40.amzn2.x86_64
ALAS2-2021-1605 important/Sec. libcrypt-2.26-41.amzn2.x86_64
ALAS2-2021-1615 medium/Sec.    libcrypt-2.26-42.amzn2.x86_64
ALAS2-2021-1608 medium/Sec.    openssl-1:1.0.2k-19.amzn2.0.6.x86_64
ALAS2-2021-1608 medium/Sec.    openssl-libs-1:1.0.2k-19.amzn2.0.6.x86_64
ALAS2-2021-1610 medium/Sec.    perl-4:5.16.3-299.amzn2.0.1.x86_64
ALAS2-2021-1610 medium/Sec.    perl-Pod-Escapes-1:1.04-299.amzn2.0.1.noarch
ALAS2-2021-1610 medium/Sec.    perl-libs-4:5.16.3-299.amzn2.0.1.x86_64
ALAS2-2021-1610 medium/Sec.    perl-macros-4:5.16.3-299.amzn2.0.1.x86_64
ALAS2-2021-1611 medium/Sec.    python-2.7.18-1.amzn2.0.3.x86_64
ALAS2-2021-1611 medium/Sec.    python-devel-2.7.18-1.amzn2.0.3.x86_64
ALAS2-2021-1611 medium/Sec.    python-libs-2.7.18-1.amzn2.0.3.x86_64
ALAS2-2021-1623 critical/Sec.  screen-4.1.0-0.27.20120314git3c2946.amzn2.x86_64
ALAS2-2021-1590 important/Sec. sudo-1.8.23-4.amzn2.2.1.x86_64
ALAS2-2021-1604 important/Sec. unzip-6.0-43.amzn2.x86_64
updateinfo list done

 

yum updateinfo all

[ec2-user@ip-xx-xx-xx-xx ~]$ yum updateinfo all
Loaded plugins: extras_suggestions, langpacks, priorities, update-motd

===============================================================================
  Amazon Linux 2 2017.12 - ALAS2-2018-955: important priority package update for 389-ds-base
===============================================================================
  Update ID : ALAS2-2018-955
    Release : 
       Type : security
     Status : final
     Issued : 2018-02-20 21:11
    Updated : 2018-02-21 21:18       CVEs : CVE-2017-15134
Description : Package updates are available for Amazon Linux 2 that fix the
            : following vulnerabilities: CVE-2017-15134:
            :         1531573:
            : CVE-2017-15134 389-ds-base: Remote DoS via search
            : filters in slapi_filter_sprintf in slapd/util.c A
            : stack buffer overflow flaw was found in the way
            : 389-ds-base handled certain LDAP search filters. A
            : remote, unauthenticated attacker could potentially
            : use this flaw to make ns-slapd crash via a
            : specially crafted LDAP request, thus resulting in
            : denial of service.
   Severity : important
  Installed : false

** 省略 **

 

yum updateinfo ALAS2-yyyy-nnnn

[ec2-user@ip-xx-xx-xx-xx ~]$ yum updateinfo ALAS2-2021-1590
Loaded plugins: extras_suggestions, langpacks, priorities, update-motd
amzn2-core/2/x86_64                                      | 3.7 kB     00:00     

===============================================================================
  Amazon Linux 2 2017.12 - ALAS2-2021-1590: important priority package update for sudo
===============================================================================
  Update ID : ALAS2-2021-1590
    Release : 
       Type : security
     Status : final
     Issued : 2021-01-25 23:09
    Updated : 2021-01-26 18:48       CVEs : CVE-2021-3156
Description : Package updates are available for Amazon Linux 2 that fix the
            : following vulnerabilities: CVE-2021-3156:
            : 
            : 99999:
   Severity : important
updateinfo info done

 

sudo yum update –security

[ec2-user@ip-xx-xx-xx-xx ~]$ sudo yum update --security
Loaded plugins: extras_suggestions, langpacks, priorities, update-motd
amzn2-core                                               | 3.7 kB     00:00     
 --> kpatch-runtime-0.8.0-4.amzn2.noarch from installed removed (updateinfo)
 --> pyliblzma-0.5.3-11.amzn2.0.2.x86_64 from installed removed (updateinfo)
 --> pygpgme-0.3-9.amzn2.0.3.x86_64 from amzn2-core removed (updateinfo)
 --> libsss_nss_idmap-1.16.4-21.amzn2.x86_64 from installed removed (updateinfo)
 --> amazon-cloudwatch-agent-1.247345.35-1.amzn2.x86_64 from @amzn2-core removed (updateinfo)
 --> boost-system-1.53.0-27.amzn2.0.3.x86_64 from installed removed (updateinfo)
 --> selinux-policy-targeted-3.13.1-192.amzn2.6.5.noarch from installed removed (updateinfo)
 --> amazon-linux-extras-1.6.13-1.amzn2.noarch from installed removed (updateinfo)
 --> pygpgme-0.3-9.amzn2.0.2.x86_64 from installed removed (updateinfo)
 --> ca-certificates-2020.2.41-70.0.amzn2.0.1.noarch from amzn2-core removed (updateinfo)
 --> sssd-client-1.16.4-21.amzn2.x86_64 from installed removed (updateinfo)
 --> boost-thread-1.53.0-27.amzn2.0.3.x86_64 from installed removed (updateinfo)
 --> pyliblzma-0.5.3-25.amzn2.x86_64 from amzn2-core removed (updateinfo)
 --> amazon-cloudwatch-agent-1.247347.4-1.amzn2.x86_64 from amzn2-core removed (updateinfo)
 --> ec2-net-utils-1.4-43.amzn2.noarch from amzn2-core removed (updateinfo)
 --> ec2-utils-1.2-43.amzn2.noarch from amzn2-core removed (updateinfo)
 --> kpatch-runtime-0.9.2-4.amzn2.noarch from amzn2-core removed (updateinfo)
 --> libsss_idmap-1.16.5-10.amzn2.6.x86_64 from amzn2-core removed (updateinfo)
 --> libsss_idmap-1.16.4-21.amzn2.x86_64 from installed removed (updateinfo)
 --> selinux-policy-targeted-3.13.1-192.amzn2.6.7.noarch from amzn2-core removed (updateinfo)
 --> amazon-linux-extras-2.0.0-1.amzn2.noarch from amzn2-core removed (updateinfo)
 --> boost-thread-1.53.0-27.amzn2.0.5.x86_64 from amzn2-core removed (updateinfo)
 --> amazon-linux-extras-yum-plugin-1.6.13-1.amzn2.noarch from installed removed (updateinfo)
 --> selinux-policy-3.13.1-192.amzn2.6.7.noarch from amzn2-core removed (updateinfo)
 --> sssd-client-1.16.5-10.amzn2.6.x86_64 from amzn2-core removed (updateinfo)
 --> boost-date-time-1.53.0-27.amzn2.0.3.x86_64 from installed removed (updateinfo)
 --> ec2-net-utils-1.4-3.amzn2.noarch from installed removed (updateinfo)
 --> rng-tools-6.8-3.amzn2.0.4.x86_64 from installed removed (updateinfo)
 --> amazon-linux-extras-yum-plugin-2.0.0-1.amzn2.noarch from amzn2-core removed (updateinfo)
 --> yum-3.4.3-158.amzn2.0.5.noarch from amzn2-core removed (updateinfo)
 --> libsss_nss_idmap-1.16.5-10.amzn2.6.x86_64 from amzn2-core removed (updateinfo)
 --> selinux-policy-3.13.1-192.amzn2.6.5.noarch from installed removed (updateinfo)
 --> boost-system-1.53.0-27.amzn2.0.5.x86_64 from amzn2-core removed (updateinfo)
 --> rng-tools-6.8-3.amzn2.0.5.x86_64 from amzn2-core removed (updateinfo)
 --> boost-date-time-1.53.0-27.amzn2.0.5.x86_64 from amzn2-core removed (updateinfo)
 --> ec2-utils-1.2-3.amzn2.noarch from installed removed (updateinfo)
 --> yum-3.4.3-158.amzn2.0.4.noarch from installed removed (updateinfo)
 --> ca-certificates-2019.2.32-76.amzn2.0.3.noarch from installed removed (updateinfo)
26 package(s) needed (+0 related) for security, out of 45 available
Resolving Dependencies
--> Running transaction check
---> Package bind-export-libs.x86_64 32:9.11.4-26.P2.amzn2.2 will be updated
---> Package bind-export-libs.x86_64 32:9.11.4-26.P2.amzn2.4 will be an update
---> Package bind-libs.x86_64 32:9.11.4-26.P2.amzn2.2 will be updated
---> Package bind-libs.x86_64 32:9.11.4-26.P2.amzn2.4 will be an update
---> Package bind-libs-lite.x86_64 32:9.11.4-26.P2.amzn2.2 will be updated
---> Package bind-libs-lite.x86_64 32:9.11.4-26.P2.amzn2.4 will be an update
---> Package bind-license.noarch 32:9.11.4-26.P2.amzn2.2 will be updated
---> Package bind-license.noarch 32:9.11.4-26.P2.amzn2.4 will be an update
---> Package bind-utils.x86_64 32:9.11.4-26.P2.amzn2.2 will be updated
---> Package bind-utils.x86_64 32:9.11.4-26.P2.amzn2.4 will be an update
---> Package cloud-init.noarch 0:19.3-4.amzn2 will be updated
---> Package cloud-init.noarch 0:19.3-43.amzn2 will be an update
---> Package glibc.x86_64 0:2.26-39.amzn2 will be updated
---> Package glibc.x86_64 0:2.26-43.amzn2 will be an update
---> Package glibc-all-langpacks.x86_64 0:2.26-39.amzn2 will be updated
---> Package glibc-all-langpacks.x86_64 0:2.26-43.amzn2 will be an update
---> Package glibc-common.x86_64 0:2.26-39.amzn2 will be updated
---> Package glibc-common.x86_64 0:2.26-43.amzn2 will be an update
---> Package glibc-locale-source.x86_64 0:2.26-39.amzn2 will be updated
---> Package glibc-locale-source.x86_64 0:2.26-43.amzn2 will be an update
---> Package glibc-minimal-langpack.x86_64 0:2.26-39.amzn2 will be updated
---> Package glibc-minimal-langpack.x86_64 0:2.26-43.amzn2 will be an update
---> Package kernel.x86_64 0:4.14.225-169.362.amzn2 will be installed
---> Package kernel-tools.x86_64 0:4.14.209-160.339.amzn2 will be updated
---> Package kernel-tools.x86_64 0:4.14.225-169.362.amzn2 will be an update
---> Package libcrypt.x86_64 0:2.26-39.amzn2 will be updated
---> Package libcrypt.x86_64 0:2.26-43.amzn2 will be an update
---> Package openssl.x86_64 1:1.0.2k-19.amzn2.0.4 will be updated
---> Package openssl.x86_64 1:1.0.2k-19.amzn2.0.6 will be an update
---> Package openssl-libs.x86_64 1:1.0.2k-19.amzn2.0.4 will be updated
---> Package openssl-libs.x86_64 1:1.0.2k-19.amzn2.0.6 will be an update
---> Package perl.x86_64 4:5.16.3-294.amzn2 will be updated
---> Package perl.x86_64 4:5.16.3-299.amzn2.0.1 will be an update
---> Package perl-Pod-Escapes.noarch 1:1.04-294.amzn2 will be updated
---> Package perl-Pod-Escapes.noarch 1:1.04-299.amzn2.0.1 will be an update
---> Package perl-libs.x86_64 4:5.16.3-294.amzn2 will be updated
---> Package perl-libs.x86_64 4:5.16.3-299.amzn2.0.1 will be an update
---> Package perl-macros.x86_64 4:5.16.3-294.amzn2 will be updated
---> Package perl-macros.x86_64 4:5.16.3-299.amzn2.0.1 will be an update
---> Package python.x86_64 0:2.7.18-1.amzn2.0.2 will be updated
---> Package python.x86_64 0:2.7.18-1.amzn2.0.3 will be an update
---> Package python-devel.x86_64 0:2.7.18-1.amzn2.0.2 will be updated
---> Package python-devel.x86_64 0:2.7.18-1.amzn2.0.3 will be an update
---> Package python-libs.x86_64 0:2.7.18-1.amzn2.0.2 will be updated
---> Package python-libs.x86_64 0:2.7.18-1.amzn2.0.3 will be an update
---> Package screen.x86_64 0:4.1.0-0.25.20120314git3c2946.amzn2 will be updated
---> Package screen.x86_64 0:4.1.0-0.27.20120314git3c2946.amzn2 will be an update
---> Package sudo.x86_64 0:1.8.23-4.amzn2.2 will be updated
---> Package sudo.x86_64 0:1.8.23-10.amzn2.1 will be an update
---> Package unzip.x86_64 0:6.0-21.amzn2 will be updated
---> Package unzip.x86_64 0:6.0-43.amzn2 will be an update
--> Finished Dependency Resolution

Dependencies Resolved

================================================================================
 Package             Arch   Version                            Repository  Size
================================================================================
Installing:
 kernel              x86_64 4.14.225-169.362.amzn2             amzn2-core  21 M
Updating:
 bind-export-libs    x86_64 32:9.11.4-26.P2.amzn2.4            amzn2-core 1.1 M
 bind-libs           x86_64 32:9.11.4-26.P2.amzn2.4            amzn2-core 157 k
 bind-libs-lite      x86_64 32:9.11.4-26.P2.amzn2.4            amzn2-core 1.1 M
 bind-license        noarch 32:9.11.4-26.P2.amzn2.4            amzn2-core  91 k
 bind-utils          x86_64 32:9.11.4-26.P2.amzn2.4            amzn2-core 259 k
 cloud-init          noarch 19.3-43.amzn2                      amzn2-core 925 k
 glibc               x86_64 2.26-43.amzn2                      amzn2-core 3.3 M
 glibc-all-langpacks x86_64 2.26-43.amzn2                      amzn2-core 7.0 M
 glibc-common        x86_64 2.26-43.amzn2                      amzn2-core 770 k
 glibc-locale-source x86_64 2.26-43.amzn2                      amzn2-core 3.2 M
 glibc-minimal-langpack
                     x86_64 2.26-43.amzn2                      amzn2-core  29 k
 kernel-tools        x86_64 4.14.225-169.362.amzn2             amzn2-core 140 k
 libcrypt            x86_64 2.26-43.amzn2                      amzn2-core  49 k
 openssl             x86_64 1:1.0.2k-19.amzn2.0.6              amzn2-core 495 k
 openssl-libs        x86_64 1:1.0.2k-19.amzn2.0.6              amzn2-core 1.2 M
 perl                x86_64 4:5.16.3-299.amzn2.0.1             amzn2-core 8.0 M
 perl-Pod-Escapes    noarch 1:1.04-299.amzn2.0.1               amzn2-core  52 k
 perl-libs           x86_64 4:5.16.3-299.amzn2.0.1             amzn2-core 685 k
 perl-macros         x86_64 4:5.16.3-299.amzn2.0.1             amzn2-core  44 k
 python              x86_64 2.7.18-1.amzn2.0.3                 amzn2-core  93 k
 python-devel        x86_64 2.7.18-1.amzn2.0.3                 amzn2-core 403 k
 python-libs         x86_64 2.7.18-1.amzn2.0.3                 amzn2-core 7.5 M
 screen              x86_64 4.1.0-0.27.20120314git3c2946.amzn2 amzn2-core 549 k
 sudo                x86_64 1.8.23-10.amzn2.1                  amzn2-core 846 k
 unzip               x86_64 6.0-43.amzn2                       amzn2-core 179 k

Transaction Summary
================================================================================
Install   1 Package
Upgrade  25 Packages

Total download size: 59 M
Is this ok [y/d/N]: y
Downloading packages:

** 省略 **

Installed:
  kernel.x86_64 0:4.14.225-169.362.amzn2                                        

Updated:
  bind-export-libs.x86_64 32:9.11.4-26.P2.amzn2.4                               
  bind-libs.x86_64 32:9.11.4-26.P2.amzn2.4                                      
  bind-libs-lite.x86_64 32:9.11.4-26.P2.amzn2.4                                 
  bind-license.noarch 32:9.11.4-26.P2.amzn2.4                                   
  bind-utils.x86_64 32:9.11.4-26.P2.amzn2.4                                     
  cloud-init.noarch 0:19.3-43.amzn2                                             
  glibc.x86_64 0:2.26-43.amzn2                                                  
  glibc-all-langpacks.x86_64 0:2.26-43.amzn2                                    
  glibc-common.x86_64 0:2.26-43.amzn2                                           
  glibc-locale-source.x86_64 0:2.26-43.amzn2                                    
  glibc-minimal-langpack.x86_64 0:2.26-43.amzn2                                 
  kernel-tools.x86_64 0:4.14.225-169.362.amzn2                                  
  libcrypt.x86_64 0:2.26-43.amzn2                                               
  openssl.x86_64 1:1.0.2k-19.amzn2.0.6                                          
  openssl-libs.x86_64 1:1.0.2k-19.amzn2.0.6                                     
  perl.x86_64 4:5.16.3-299.amzn2.0.1                                            
  perl-Pod-Escapes.noarch 1:1.04-299.amzn2.0.1                                  
  perl-libs.x86_64 4:5.16.3-299.amzn2.0.1                                       
  perl-macros.x86_64 4:5.16.3-299.amzn2.0.1                                     
  python.x86_64 0:2.7.18-1.amzn2.0.3                                            
  python-devel.x86_64 0:2.7.18-1.amzn2.0.3                                      
  python-libs.x86_64 0:2.7.18-1.amzn2.0.3                                       
  screen.x86_64 0:4.1.0-0.27.20120314git3c2946.amzn2                            
  sudo.x86_64 0:1.8.23-10.amzn2.1                                               
  unzip.x86_64 0:6.0-43.amzn2                                                   

Complete!

 

脆弱性の情報を調査する

Amazon Linux Security Center

  • 以下、Amazon Linux Security Center の画面サンプルです。

 

Red Hat CVE Database

  • 以下、Red Hat CVE Database の画面サンプルです。

 

参考情報

  • RHEL のYUM コマンドチートシートです。