查询安全更新

命令格式：yum updateinfo <command> [option]

• 执行yum updateinfo命令，查询全部可用的安全更新信息。

  [root@localhost ~]# yum updateinfo
  Last metadata expiration check: 0:03:05 ago on Thu 08 Sep 2022 05:30:23 PM CST.
  Updates Information Summary: available
  12 Security notice(s)
  4 Critical Security notice(s)
  6 Important Security notice(s)
  2 Moderate Security notice(s)

• <command>的主要参数。
  • list：查询当前可用的安全更新列表。

    [root@localhost ~]# yum updateinfo list
    Last metadata expiration check: 0:03:32 ago on Thu 08 Sep 2022 05:30:23 PM CST.
    HCE2-SA-2022-0006 Critical/Sec.  curl-7.79.1-2.h6.hce2.x86_64
    HCE2-SA-2022-0011 Moderate/Sec.  gnupg2-2.2.32-1.h6.hce2.x86_64
    HCE2-SA-2022-0002 Important/Sec. kernel-5.10.0-60.18.0.50.h425_2.hce2.x86_64

  • info <SA ID>：查询指定SA ID的安全更新详情。

    [root@localhost ~]# yum updateinfo info HCE2-SA-2022-0029
    Last metadata expiration check: 5:09:15 ago on Tue 13 Sep 2022 09:43:13 AM CST.
    =================================================================
    An update for python3 is now available for HCE 2.0
    =================================================================
    Update ID: HCE2-SA-2022-0029
    Type: security
    Updated: 2022-09-08 22:08:34
    CVEs: CVE-2021-28861
    Description: Security Fix(es):
    : Python 3.x through 3.10 has an open redirection vulnerability in lib/http/server.py due to no protection against multiple (/) at the beginning of URI path which may leads to information disclosure. (CVE-2021-28861)
    Severity: Important

• [option]的主要参数。
  • --sec-severity={Critical,Important,Moderate,Low}：指定安全更新级别，{}中的安全更新等级参数可任意组合。

    例如，使用--sec-severity=Critical查询某个安全更新级别。

    [root@localhost ~]# yum updateinfo list --sec-severity=Critical
    Last metadata expiration check: 0:10:15 ago on Thu 08 Sep 2022 05:30:23 PM CST.
    HCE2-SA-2022-0006 Critical/Sec. curl-7.79.1-2.h6.hce2.x86_64
    HCE2-SA-2022-0003 Critical/Sec. libarchive-3.5.2-1.h2.hce2.x86_64
    HCE2-SA-2022-0006 Critical/Sec. libcurl-7.79.1-2.h6.hce2.x86_64
    ……

    例如，使用--sec-severity={Critical,Moderate}查询多个安全更新级别。

    [root@localhost ~]# yum updateinfo list --sec-severity={Critical,Moderate}
    Last metadata expiration check: 0:11:07 ago on Thu 08 Sep 2022 05:30:23 PM CST.
    HCE2-SA-2022-0006 Critical/Sec. curl-7.79.1-2.h6.hce2.x86_64
    HCE2-SA-2022-0011 Moderate/Sec. gnupg2-2.2.32-1.h6.hce2.x86_64
    HCE2-SA-2022-0003 Critical/Sec. libarchive-3.5.2-1.h2.hce2.x86_64
    ……

  • --cve=<CVE ID>：查询指定的CVE ID。

    [root@localhost ~]#  yum updateinfo info --cve=CVE-2021-28861
    Last metadata expiration check: 5:10:38 ago on Tue 13 Sep 2022 09:43:13 AM CST.
    =================================================================
    An update for python3 is now available for HCE 2.0
    =================================================================
    Update ID: HCE2-SA-2022-0029
    Type: security
    Updated: 2022-09-08 22:08:34
    CVEs: CVE-2021-28861
    Description: Security Fix(es):
    : Python 3.x through 3.10 has an open redirection vulnerability in lib/http/server.py due to no protection against multiple (/) at the beginning of URI path which may leads to information disclosure. (CVE-2021-28861)
    Severity: Important

更多详细信息，请使用yum updateinfo --help获取帮助信息。