1. 操作系统版本
Red Hat Enterprise Linux Server release 7.2 (Maipo)
2. 下载软件包
去官网找了好久,但是没找到如何下载,于是找到了一个国内的地址
地址:http://mirrors.163.com/centos/7/os/x86_64/Packages/ ,用CTRL+F搜索需要的包
网上搜博客,看见说只需要下载dhclient和dhcp-common这两个包,但是由于后面安装的时候会有各种依赖问题,所以我还是把相关的所有包都下下来了,下图就是我准备的包
bind-export-libs-9.11.4-26.P2.el7.x86_64.rpm
dhclient-4.2.5-82.el7.centos.x86_64.rpm
dhcp-4.2.5-82.el7.centos.x86_64.rpm
dhcp-common-4.2.5-82.el7.centos.x86_64.rpm
dhcp-devel-4.2.5-82.el7.centos.x86_64.rpm
dhcp-libs-4.2.5-82.el7.centos.x86_64.rpm
3. 开始修复漏洞(升级)
# 查看升级前的包
[root@liangd-server0006 yihai-rpm]# rpm -qa|grep dhclient
dhclient-4.2.5-42.el7.x86_64
[root@liangd-server0006 yihai-rpm]# rpm -qa|grep dhcp-common
dhcp-common-4.2.5-42.el7.x86_64
# 卸载
[root@liangd-server0006 yihai-rpm]# rpm -e --nodeps dhclient-4.2.5-42.el7.x86_64 dhcp-common-4.2.5-42.el7.x86_64
# 安装
[root@liangd-server0006 yihai-rpm]# rpm -ivh dhcp-common-4.2.5-82.el7.centos.x86_64.rpm
警告:dhcp-common-4.2.5-82.el7.centos.x86_64.rpm: 头V3 RSA/SHA256 Signature, 密钥 ID f4a80eb5: NOKEY
准备中... ################################# [100%]
正在升级/安装...
1:dhcp-common-12:4.2.5-82.el7.cento################################# [100%]
[root@liangd-server0006 yihai-rpm]# rpm -Uvh bind-export-libs-9.11.4-26.P2.el7.x86_64.rpm --nodeps
警告:bind-export-libs-9.11.4-26.P2.el7.x86_64.rpm: 头V3 RSA/SHA256 Signature, 密钥 ID f4a80eb5: NOKEY
准备中... ################################# [100%]
正在升级/安装...
1:bind-export-libs-32:9.11.4-26.P2.################################# [100%]
[root@liangd-server0006 yihai-rpm]# rpm -ivh dhclient-4.2.5-82.el7.centos.x86_64.rpm
警告:dhclient-4.2.5-82.el7.centos.x86_64.rpm: 头V3 RSA/SHA256 Signature, 密钥 ID f4a80eb5: NOKEY
准备中... ################################# [100%]
正在升级/安装...
1:dhclient-12:4.2.5-82.el7.centos ################################# [100%]
[root@liangd-server0006 yihai-rpm]# rpm -qa --changelog dhclient | grep CVE-2018 # 出现Resolves就表示漏洞已经被修复,修复前执行这个命令是没有输出的
- Resolves: #1570895 - Fix command execution vulnerability (CVE-2018-1111)
- Resolves: #1549999 - CVE-2018-5733 Avoid buffer overflow reference counter
- Resolves #1549998 :CVE-2018-5732 Avoid buffer overflow in options parser
4. 参考博客
https://blog.csdn.net/liu2612348/article/details/80388943?utm_medium=distribute.pc_relevant_download.none-task-blog-2~default~BlogCommendFromBaidu~default-5.nonecase&depth_1-utm_source=distribute.pc_relevant_download.none-task-blog-2~default~BlogCommendFromBaidu~default-5.nonecas