这个系列文章只是我的学习笔记而已,我的实验环境是在RHEL6下进行的。
Common Vulnerabilities and Exposures(CVE) is a standardized format for reporting and tracking security related software issues.The Community web presence and management of the CVE compatibility program is handle by the MITRE Corporation.CVE format is also used for the National Vulnerability Database(NVD) managed by the U.S National Institutes of Standards and Technology(NIST) References Website:
https://cve.mitre.org
National Vulnerability Database:
https://nvd.nist.gov
After a bug fix, vulnerability fix, of feature enhancement has been addressed in the Red Hat distributed software package, Red Hat will issue an errata announcement. There are three types of errata announcements: Red Hat Security Advisory RHSA
Red Hat Bug Fix Advisory RHBA
Red Hat Enhancement Advisory RHEA**
Prerequisites:
We should install yum security plug
yum-plugin-security.noarch Manual:
Man 8 yum-security
The main command in security update:
1.yum updateinfo
2.Yum updateinfo list --sec-severity=SEVS
The SEVS is such as: Critical,