CVE-2018-1111 漏洞修复

标签：地址   comm   baidu   命令   网上   options   art   key   linu   

1. 操作系统版本

Red Hat Enterprise Linux Server release 7.2 (Maipo)

2. 下载软件包

去官网找了好久，但是没找到如何下载，于是找到了一个国内的地址
地址：http://mirrors.163.com/centos/7/os/x86_64/Packages/ ，用CTRL+F搜索需要的包
网上搜博客，看见说只需要下载dhclient和dhcp-common这两个包，但是由于后面安装的时候会有各种依赖问题，所以我还是把相关的所有包都下下来了，下图就是我准备的包

bind-export-libs-9.11.4-26.P2.el7.x86_64.rpm
dhclient-4.2.5-82.el7.centos.x86_64.rpm
dhcp-4.2.5-82.el7.centos.x86_64.rpm
dhcp-common-4.2.5-82.el7.centos.x86_64.rpm
dhcp-devel-4.2.5-82.el7.centos.x86_64.rpm
dhcp-libs-4.2.5-82.el7.centos.x86_64.rpm

3. 开始修复漏洞（升级）

# 查看升级前的包
[root@liangd-server0006 yihai-rpm]# rpm -qa|grep dhclient
dhclient-4.2.5-42.el7.x86_64
[root@liangd-server0006 yihai-rpm]# rpm -qa|grep dhcp-common
dhcp-common-4.2.5-42.el7.x86_64

# 卸载
[root@liangd-server0006 yihai-rpm]# rpm -e --nodeps dhclient-4.2.5-42.el7.x86_64 dhcp-common-4.2.5-42.el7.x86_64

# 安装
[root@liangd-server0006 yihai-rpm]# rpm -Uvh dhcp-libs-4.2.5-82.el7.centos.x86_64.rpm --nodeps
警告：dhcp-libs-4.2.5-82.el7.centos.x86_64.rpm: 头V3 RSA/SHA256 Signature, 密钥 ID f4a80eb5: NOKEY
准备中...                          ################################# [100%]
正在升级/安装...
   1:dhcp-libs-12:4.2.5-82.el7.centos ################################# [ 50%]
正在清理/删除...
   2:dhcp-libs-12:4.2.5-42.el7        ################################# [100%]
[root@liangd-server0006 yihai-rpm]# rpm -ivh dhcp-common-4.2.5-82.el7.centos.x86_64.rpm
警告：dhcp-common-4.2.5-82.el7.centos.x86_64.rpm: 头V3 RSA/SHA256 Signature, 密钥 ID f4a80eb5: NOKEY
准备中...                          ################################# [100%]
正在升级/安装...
   1:dhcp-common-12:4.2.5-82.el7.cento################################# [100%]
[root@liangd-server0006 yihai-rpm]# rpm -Uvh bind-export-libs-9.11.4-26.P2.el7.x86_64.rpm --nodeps
警告：bind-export-libs-9.11.4-26.P2.el7.x86_64.rpm: 头V3 RSA/SHA256 Signature, 密钥 ID f4a80eb5: NOKEY
准备中...                          ################################# [100%]
正在升级/安装...
   1:bind-export-libs-32:9.11.4-26.P2.################################# [100%]
[root@liangd-server0006 yihai-rpm]# rpm -ivh dhclient-4.2.5-82.el7.centos.x86_64.rpm
警告：dhclient-4.2.5-82.el7.centos.x86_64.rpm: 头V3 RSA/SHA256 Signature, 密钥 ID f4a80eb5: NOKEY
准备中...                          ################################# [100%]
正在升级/安装...
   1:dhclient-12:4.2.5-82.el7.centos  ################################# [100%]

[root@liangd-server0006 yihai-rpm]# rpm -qa --changelog dhclient  | grep CVE-2018 # 出现Resolves就表示漏洞已经被修复，修复前执行这个命令是没有输出的
- Resolves: #1570895 - Fix command execution vulnerability (CVE-2018-1111)
- Resolves: #1549999 - CVE-2018-5733  Avoid buffer overflow reference counter
- Resolves #1549998 :CVE-2018-5732  Avoid buffer overflow in options parser

4. 参考博客

https://blog.csdn.net/liu2612348/article/details/80388943?utm_medium=distribute.pc_relevant_download.none-task-blog-2~default~BlogCommendFromBaidu~default-5.nonecase&depth_1-utm_source=distribute.pc_relevant_download.none-task-blog-2~default~BlogCommendFromBaidu~default-5.nonecas

CVE-2018-1111 漏洞修复

标签：地址   comm   baidu   命令   网上   options   art   key   linu   

原文地址：https://www.cnblogs.com/xiets/p/14765760.html