26


Chapter 3. Security Updates


Linux Security Advisories. If the synopsis of one of the advisories describes a package used on your


system, click on the synopsis for more details.


The details page describes the security exploit and any special instructions that must be performed in


addition to updating the package to fix the security hole.


To download the updated package(s), click on the package name(s) and save to the hard drive. It


is highly recommended that you create a new directory such as


/tmp/updates


and save all the


downloaded packages to it.


All official Red Hat Linux packages are signed with the Red Hat, Inc. GPG key. The RPM utility in


Red Hat Linux 8.0 automatically tries to verify the GPG signature of an RPM before installing it. If


you do not have the Red Hat, Inc. GPG key installed, install it from a secure, static location such as


an official Red Hat Linux distribution CD ROM.


Assuming the CD ROM is mounted in


/mnt/cdrom


, use the following command to import it into the


keyring:


rpm   import /mnt/cdrom/RPM GPG KEY


To display a list of all keys installed for RPM verification, execute the command:


rpm  qa gpg pubkey*


For the Red Hat, Inc. key, the output will include:


gpg pubkey db42a60e 37ea5438


To display details about a specific key, use the


rpm  qi


followed by the output from the previous


command:


rpm  qi gpg pubkey db42a60e 37ea5438


It is extremely important that you verify the signature of the RPM files before installing them. This


step ensures that they have not been altered (such as a trojan horse being inserted into the packages)


from the official Red Hat, Inc. release of the packages. To verify all the downloaded packages at once:


rpm  K /tmp/updates/*.rpm


For each package, if the GPG key verifies successfully, it should return


gpg OK


in the output.


After verifying the GPG key and downloading all the packages associated with the errata report, install


them as root at a shell prompt. For example:


rpm  Uvh /tmp/updates/*.rpm


If the errata reports contained any special instructions, remember to execute them accordingly. If the


security errata packages contained a kernel package, be sure to reboot the machine to enable the new


kernel.








footer






  


 


 


        

 


 

  

    

      
      
 Home 
      | About Us | Network 
      | Services | Support 
      | FAQ | Control Panel 
      | Order Online |
      Sitemap | Contact

      

      web hosting comparison

      
 

    

  

  




Our partners: 
PHP: Hypertext Preprocessor Best Web Hosting
Java Web Hosting
Inexpensive Web Hosting 
Jsp Web Hosting 




Cheapest Web Hosting
Jsp Hosting
Cheap Hosting



Visionwebhosting.net Business web hosting division of Web 
Design Plus. All rights reserved