2021年7月12日 星期一

Linux RPM query change log and CVE

Linux RPM 查詢某套件的 Change Log 及 CVE

例:
rpm -q --changelog httpd
資料通常還滿長的,可以加 | less 查看,時序是新的在前面

以下節錄 httpd 的輸出資料
* 2021 5月 14 五 Lubos Uhliarik <luhliari@redhat.com> - 2.4.37-40
- Resolves: #1952557 - mod_proxy_wstunnel.html is a malformed XML
- Resolves: #1937334 - SSLProtocol with based virtual hosts

* 2021 1月 26 二 Artem Egorenkov <aegorenk@redhat.com> - 2.4.37-39
- prevent htcacheclean from while break when first file processed

* 2021 1月 26 二 Lubos Uhliarik <luhliari@redhat.com> - 2.4.37-38
- Resolves: #1918741 - Thousands of /tmp/modproxy.tmp.* files created by apache

* 2020 12月 09 三 Lubos Uhliarik <luhliari@redhat.com> - 2.4.37-37
- Resolves: #1883648 - [RFE] Update httpd directive SSLProxyMachineCertificateFile
to be able to handle certs without matching private key

* 2020 11月 30 一 Lubos Uhliarik <luhliari@redhat.com> - 2.4.37-36
- Resolves: #1896176 - [RFE] ProxyWebsocketIdleTimeout from httpd
mod_proxy_wstunnel
- Resolves: #1847585 - mod_ldap: High CPU usage at apr_ldap_rebind_remove()

* 2020 11月 11 三 Lubos Uhliarik <luhliari@redhat.com> - 2.4.37-35
- Resolves: #1651376 - centralizing default index.html for httpd

* 2020 11月 06 五 Lubos Uhliarik <luhliari@redhat.com> - 2.4.37-33
- Resolves: #1868608 - Intermittent Segfault in Apache httpd due to pool
concurrency issues
- Resolves: #1861380 - httpd/mod_proxy_http/mod_ssl aborted when sending
a client cert to backend server
- Resolves: #1680118 - unorderly connection close when client attempts
renegotiation

* 2020 10月 29 四 Lubos Uhliarik <luhliari@redhat.com> - 2.4.37-31
- Resolves: #1677590 - CVE-2018-17199 httpd:2.4/httpd: mod_session_cookie does
not respect expiry time
- Resolves: #1869075 - CVE-2020-11984 httpd:2.4/httpd: mod_proxy_uswgi buffer
overflow
- Resolves: #1872828 - httpd: typo in htpasswd, contained in httpd-tools package
- Resolves: #1869576 - httpd : mod_proxy should allow to specify
Proxy-Authorization in ProxyRemote directive
- Resolves: #1875844 - mod_cgid takes CGIDScriptTimeout x 2 seconds for timeout
- Resolves: #1891829 - mod_proxy_hcheck Doesn't perform checks when in
a balancer

沒有留言:

FTP is dead

FTP,時代的眼淚,以前幾乎每個大學都有自己的 FTP,放各式各樣的開放軟體, 如今主流瀏覽器 Chrome、Firefox、Edge 都已經淘汰 FTP 的協定,主要原因是 FTP 協定是明碼傳輸,無安全性可言。 但個人認為本來就是 Public Anonymous FTP ...