The command below can be used to list the security vulnerability fixes (CVE fixes) included in a particular rpm package version on Linux.
Products to which Article Applies
All Linux Environments
rpm -q --changelog <rpm package name> | grep -i cve
Below is an example of the above command, listing the vulnerability fixes in the openssl rpm package.
# rpm -q --changelog openssl | grep -i cve
- fix CVE-2018-5407 - EC signature local timing side-channel key extraction
- fix CVE-2018-0495 - ROHNP - Key Extraction Side Channel on DSA, ECDSA
- fix CVE-2017-3735 - possible one byte overread with X.509 IPAdressFamily
- fix CVE-2018-0732 - large prime DH DoS of TLS client
- fix CVE-2018-0737 - RSA key generation cache timing vulnerability
- fix CVE-2018-0739 - stack overflow parsing recursive ASN.1 structure
- fix CVE-2017-3737 - incorrect handling of fatal error state
- fix CVE-2017-3738 - AVX2 Montgomery multiplication bug with 1024 bit modulus
- fix CVE-2017-3736 - carry propagation bug in Montgomery multiplication
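The grep above prints every matching changelog line, so repeated entries show up more than once and a search for one ID also matches any longer ID that starts with it. The following is an added example, not part of the original article: two helper functions (the names changelog_cves and changelog_has_cve are hypothetical) that read changelog text on stdin, de-duplicate the CVE IDs and test for one exact ID. The sample input is constructed from lines shown above plus one placeholder entry.

```shell
#!/bin/sh
# Added example: post-process the output of `rpm -q --changelog <package>`.
# Function names are hypothetical; both functions read changelog text on stdin.

# Print each distinct CVE ID found in the changelog, upper-cased, sorted.
changelog_cves() {
    grep -oiE 'CVE-[0-9]{4}-[0-9]{4,}' | tr '[:lower:]' '[:upper:]' | sort -u
}

# Exit 0 if the exact CVE ID is mentioned, 1 if it is not, 2 on a malformed ID.
changelog_has_cve() {
    id=$(printf '%s' "$1" | tr '[:lower:]' '[:upper:]')
    printf '%s\n' "$id" | grep -qE '^CVE-[0-9]{4}-[0-9]{4,}$' || {
        echo "usage: changelog_has_cve CVE-YYYY-NNNN" >&2
        return 2
    }
    # -x matches the whole line, so CVE-0000-0000 does not match CVE-0000-00001.
    changelog_cves | grep -qxF -- "$id"
}

# Constructed sample: lines from the openssl output above, one of them repeated,
# one lower-cased, plus a placeholder entry that is not a real changelog line.
sample_changelog() {
cat <<'EOF'
- fix CVE-2018-0732 - large prime DH DoS of TLS client
- fix CVE-2017-3735 - possible one byte overread with X.509 IPAdressFamily
- fix CVE-2018-0732 - large prime DH DoS of TLS client
- fix cve-2017-3736 - carry propagation bug in Montgomery multiplication
- fix CVE-0000-00001 - constructed placeholder entry
EOF
}

# On a real system:
#   rpm -q --changelog openssl | changelog_cves
#   rpm -q --changelog openssl | changelog_has_cve CVE-2018-0732 && echo fixed
sample_changelog | changelog_cves
```

An exit status of 1 only means the changelog does not mention the ID; it does not by itself show that the package is affected.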
Additional References
https://www.centos.org/forums/viewtopic.php?t=51443
tarun boyella