Security Update vs Errata reporting with Yum

Latest response

I'm likely going to feel very stupid after folks respond to this, but I have a somewhat pressing issue (re: GHOST and glibc).
My Satellite shows that I have no hosts affected by the RHSA-2015:0092 / RHSA-2015:0090 - Fair enough...
So, I have went directly to the host to see what's up...

# yum check-update glibc nscd
Loaded plugins: product-id, rhnplugin, security, subscription-manager
This system is not registered to Red Hat Subscription Management. You can use subscription-manager to register.
This system is receiving updates from RHN Classic or RHN Satellite.
Skipping security plugin, no data

glibc.i686                                      2.5-123.el5_11.1                               14wk25-rhel-x86_64-server-5
glibc.x86_64                                    2.5-123.el5_11.1                               14wk25-rhel-x86_64-server-5
nscd.x86_64                                     2.5-123.el5_11.1                               14wk25-rhel-x86_64-server-5
Obsoleting Packages
firefox.i386                                    24.6.0-1.el5_10                                14wk25-rhel-x86_64-server-5
    firefox.i386                                17.0.7-1.el5_9                                 installed                     
firefox.x86_64                                  24.6.0-1.el5_10                                14wk25-rhel-x86_64-server-5
    firefox.x86_64                              17.0.7-1.el5_9                                 installed                     
#  yum list-sec | egrep 'nscd|glibc'
CLA-2013:1308 bugfix   glibc-2.5-118.i686
CLA-2013:1411 security glibc-2.5-118.el5_10.2.i686
CLA-2013:1308 bugfix   glibc-common-2.5-118.x86_64
CLA-2013:1411 security glibc-common-2.5-118.el5_10.2.x86_64
CLA-2013:1308 bugfix   glibc-devel-2.5-118.x86_64
CLA-2013:1411 security glibc-devel-2.5-118.el5_10.2.x86_64
CLA-2013:1308 bugfix   glibc-headers-2.5-118.x86_64
CLA-2013:1411 security glibc-headers-2.5-118.el5_10.2.x86_64
CLA-2013:1308 bugfix   nscd-2.5-118.x86_64
CLA-2013:1411 security nscd-2.5-118.el5_10.2.x86_64

Yum list-sec seems concerned up to 2.5-118 - and yum check-update is reporting that 2.5-123 is available.

Does this seem correct? If so, why is 123 not considered a "security update". If not, what do you suppose is wrong in my environment? ;-)

This test host is actually subscribed to a clone created in week 25 of 2014, which I have pushed the glibc and nscd errata to (by simply using the add packages functionality). Should I have, instead, cloned security updates to the clone channel?

james.radtke@siriusxm.com's picture
Log in to join the conversation

Responses

james.radtke@siriusxm.com's picture Guru 6863 points
5 February 2015 9:15 PM

I just learned something new (and potentially answered my own question).
I believe the correct steps are: \
* Clone Errata to Clone Channels
Use "Clone Errata" functionality under the Errata tab in the WebUI
* Publish Errata
Then find the Errata under Errata | Manage Errata | Unpublished
Click Publish Errata and then select the Channels it applies to

I see a lot of room for error on my part... especially as the number of clones continues to grow. Therefore, I hope to have a scriptable way to deal with this end-to-end.

R. Hinton's picture Guru 6827 points
5 February 2015 9:17 PM

Nice, looking forward to that script (if possible to share), thanks James!

Close

Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.