get the last recent update for a package
Hello there;
hope find a response here, I feel lost
we are using red hat enterprise linux (6.x)
the servers are offline, not connected to the internet
I'm looking a way to get the last recent update for an application ( like openssh, apache,...) for my servers , patched the known security vulnerabilities
how can I get them (with deendencies needed to update )
can I use errata data
regards
Responses
Guru
31925 points
Hi Jeremi,
To achieve what you want, you have to use a supported edition of Red Hat Enterprise Linux.
RHEL 6 went EOL ... Please install one of the latest stable editions RHEL 8.6 or RHEL 9.0. :)
Regards,
Christian
Community Member
65 points
I thought about two ways right now 1- first get the latest updated for my app that exist at the https://access.redhat.com/downloads/content/package-browser ( for my version 6.x), what about dependencies !!!?? 2- second one get the latest minor release for my version 6.7 ( latest is version 6.10) and try to update the necessary application from a local repository you think !?
Guru
31925 points
Hi Jeremi,
To avoid dependency issues I strongly recommend to upgrade everything to the latest version RHEL 6.10.
As you (correctly) care about security, I also strongly recommend to move to a supported edition as soon
as possible. It's up to you to test if upgrading only the app you are talking about works, or not - but again :
The whole environment is completely unsafe to use - the system is vulnerable against attacks, act soon. :)
Regards,
Christian
Community Member
65 points
thank's for you response; gonna try this solution upgrading to the latest version RHEL 6.10 ( is there big diffrent between the two release, as I have app running there) is the application that exist on the latest release (6.10) example appach, openssh, openssh have the known vulnerabilities fixed there or I shoud go through errata data regards
Guru
20260 points
To add to this,
RHEL 6 has passed support unless you buy extended support from Red Hat. NOTE: RHEL 6.10 Maintenance Support II expired on Nov 30, 2020.
Christian's advice of upgrading to at minimum 6.10 is valid, but just to let you know, there are numerous high-risk issues with RHEL 6.10 since no updates are available unless you get extended support. Using a RHEL 6.10 installation disk to update to is better than not being at RHEL 6.10, but there are many other 6.10 updates that came after that 6.10 installation disk was created as well.
I realize you cannot go to a higher supported version of Linux for a while as you've explained above, but we just want to let you know that even after you upgrade to 6.10, this does not resolve the risks inherent in running RHEL 6.10.
Kind Regards,
RJ
Guru
31925 points
Hi RJ,
Thanks for confirming what I (basically) told Jeremi above : "The whole environment
is completely unsafe to use - the system is vulnerable against attacks, act soon." ... :)
Regards,
Christian
Community Member
65 points
hey RJ;
so I understand that the latest release of 6.x still have application not patched yet ( they create the binary image once, after that date they just add the update to the RHN every time a new flow was discovered)
for the forst point you said I'm not agree with you because using the latest major release of red hat (8 or 9) does not resolve the risks inherent in running it
so the security vs stability is an issue that we still face now days, we build app based on an OS these app contain a lot of work, then I need to update it every time a new release appear