Vendor-recommended software patches and updates, and system security patches and updates, must be installed and up-to-date.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| RHEL-06-000011 | RHEL-06-000011 | RHEL-06-000011_rule | High |
| Description |
|---|
| Installing software updates is a fundamental mitigation against the exploitation of publicly-known vulnerabilities. |
| STIG | Date |
|---|---|
| Red Hat Enterprise Linux 6 Security Technical Implementation Guide | 2013-02-05 |
Details
| Check Text ( C-RHEL-06-000011_chk ) |
|---|
| If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server which provides updates, invoking the following command will indicate if updates are available: # yum check-update If the system is not configured to update from one of these sources, run the following command to list when each package was last updated: $ rpm -qa -last Compare this to Red Hat Security Advisories (RHSA) listed at https://access.redhat.com/security/updates/active/ to determine if the system is missing applicable updates. If updates are not installed, this is a finding. |
| Fix Text (F-RHEL-06-000011_fix) |
|---|
| If the system is joined to the Red Hat Network, a Red Hat Satellite Server, or a yum server, run the following command to install updates: # yum update If the system is not configured to use one of these sources, updates (in the form of RPM packages) can be manually downloaded from the Red Hat Network and installed using "rpm". |