get the last recent update for a package

Latest response

Hello there;
hope find a response here, I feel lost
we are using red hat enterprise linux (6.x)
the servers are offline, not connected to the internet
I'm looking a way to get the last recent update for an application ( like openssh, apache,...) for my servers , patched the known security vulnerabilities
how can I get them (with deendencies needed to update )
can I use errata data

regards

Responses

Hi Jeremi,

To achieve what you want, you have to use a supported edition of Red Hat Enterprise Linux.
RHEL 6 went EOL ... Please install one of the latest stable editions RHEL 8.6 or RHEL 9.0. :)

Regards,
Christian

we have to use 6.x untill we migrate to the latest version so now I need to make sure that the servers has the latest secure app used If I get the latest minor release for 6.x should I found the app updated ( patched) !? thank's

Hi Jeremi,

That's the minimum ! Definitely upgrade all packages to the latest available (RHEL 6.10) versions. :)

Regards,
Christian

I thought about two ways right now 1- first get the latest updated for my app that exist at the https://access.redhat.com/downloads/content/package-browser ( for my version 6.x), what about dependencies !!!?? 2- second one get the latest minor release for my version 6.7 ( latest is version 6.10) and try to update the necessary application from a local repository you think !?

Hi Jeremi,

To avoid dependency issues I strongly recommend to upgrade everything to the latest version RHEL 6.10.
As you (correctly) care about security, I also strongly recommend to move to a supported edition as soon
as possible. It's up to you to test if upgrading only the app you are talking about works, or not - but again :
The whole environment is completely unsafe to use - the system is vulnerable against attacks, act soon. :)

Regards,
Christian

thank's for you response; gonna try this solution upgrading to the latest version RHEL 6.10 ( is there big diffrent between the two release, as I have app running there) is the application that exist on the latest release (6.10) example appach, openssh, openssh have the known vulnerabilities fixed there or I shoud go through errata data regards

Hi Jeremi,

I think all has been said ... it's up to you to decide what to do. :)

Regards,
Christian

To add to this,

RHEL 6 has passed support unless you buy extended support from Red Hat. NOTE: RHEL 6.10 Maintenance Support II expired on Nov 30, 2020.

Christian's advice of upgrading to at minimum 6.10 is valid, but just to let you know, there are numerous high-risk issues with RHEL 6.10 since no updates are available unless you get extended support. Using a RHEL 6.10 installation disk to update to is better than not being at RHEL 6.10, but there are many other 6.10 updates that came after that 6.10 installation disk was created as well.

I realize you cannot go to a higher supported version of Linux for a while as you've explained above, but we just want to let you know that even after you upgrade to 6.10, this does not resolve the risks inherent in running RHEL 6.10.

Kind Regards,
RJ

Hi RJ,

Thanks for confirming what I (basically) told Jeremi above : "The whole environment
is completely unsafe to use - the system is vulnerable against attacks, act soon." ... :)

Regards,
Christian

hey RJ;

so I understand that the latest release of 6.x still have application not patched yet ( they create the binary image once, after that date they just add the update to the RHN every time a new flow was discovered)
for the forst point you said I'm not agree with you because using the latest major release of red hat (8 or 9) does not resolve the risks inherent in running it 
so the security vs stability is an issue that we still face now days, we build app based on an OS these app contain a lot of work, then I need to update it every time a new release appear

Good day to you Christian

True - I just wanted to give the stuff Red-Hatter Jamie Bainbridge mentioned in that link - he believed that important for customers to know.

Kind Regards and thanks
RJ

Sure thing, RJ - Jamie's contributions are (right like yours) always very useful ... oh, and Good day to you, too !

Cheers :)
Christian