{"id":2951,"date":"2016-10-26T20:07:58","date_gmt":"2016-10-26T12:07:58","guid":{"rendered":"http:\/\/ixyzero.com\/blog\/?p=2951"},"modified":"2016-10-26T20:07:58","modified_gmt":"2016-10-26T12:07:58","slug":"linux%e7%b3%bb%e7%bb%9f%e5%a6%82%e4%bd%95%e8%bf%9b%e8%a1%8c%e5%ae%89%e5%85%a8%e6%9b%b4%e6%96%b0","status":"publish","type":"post","link":"https:\/\/ixyzero.com\/blog\/archives\/2951.html","title":{"rendered":"Linux\u7cfb\u7edf\u5982\u4f55\u8fdb\u884c\u5b89\u5168\u66f4\u65b0"},"content":{"rendered":"<p>=Start=<\/p>\n<h5>\u5982\u4f55\u5e94\u5bf9\u300c\u810f\u725b\u6f0f\u6d1e\u300d\uff1f<\/h5>\n<ul>\n<li><a href=\"https:\/\/www.digitalocean.com\/community\/tutorials\/how-to-protect-your-server-against-the-dirty-cow-linux-vulnerability\">https:\/\/www.digitalocean.com\/community\/tutorials\/how-to-protect-your-server-against-the-dirty-cow-linux-vulnerability<\/a><\/li>\n<li><a href=\"https:\/\/dirtycow.ninja\/\">https:\/\/dirtycow.ninja\/<\/a><\/li>\n<li><a href=\"https:\/\/github.com\/dirtycow\/dirtycow.github.io\/wiki\/PoCs\">https:\/\/github.com\/dirtycow\/dirtycow.github.io\/wiki\/PoCs<\/a><\/li>\n<li><a href=\"http:\/\/bobao.360.cn\/learning\/detail\/3123.html\">http:\/\/bobao.360.cn\/learning\/detail\/3123.html<\/a><\/li>\n<\/ul>\n<pre class=\"lang:default decode:true \"># Debian\/Ubuntu\n$ uname -rv\n\u5f53\u4f60\u7684\u5185\u6838\u7248\u672c\u4fe1\u606f\u5c0f\u4e8e\uff1a\n\t4.8.0-26.28 for Ubuntu 16.10\n\t4.4.0-45.66 for Ubuntu 16.04 LTS\n\t3.13.0-100.147 for Ubuntu 14.04 LTS\n\t3.2.0-113.155 for Ubuntu 12.04 LTS\n\t3.16.36-1+deb8u2 for Debian 8\n\t3.2.82-1 for Debian 7\n\t4.7.8-1 for Debian unstable\n\u5219\uff0c\u4f60\u7684Debian\/Ubuntu\u7cfb\u7edf\u662f\u4f1a\u53d7\u5230\u5f71\u54cd\u7684\uff0c\u6240\u4ee5\u9700\u8981\u53ca\u65f6\u66f4\u65b0\u5185\u6838\u7248\u672c\u3002\n\n# CentOS\n$ wget https:\/\/access.redhat.com\/sites\/default\/files\/rh-cve-2016-5195_1.sh\n$ bash rh-cve-2016-5195_1.sh<\/pre>\n<p>&amp;<\/p>\n<pre class=\"lang:default decode:true \"># Ubuntu\n$ sudo apt-get update &amp;&amp; sudo apt-get dist-upgrade\n$ sudo reboot\n\n# CentOS 7\n$ sudo yum update\n$ sudo reboot\n\n# CentOS 5\/6\n\u7b49\u5f85\u5b98\u65b9\u51fa\u8865\u4e01\uff0c\u7136\u540e\u53ca\u65f6\u8fdb\u884c\u66f4\u65b0<\/pre>\n<p>&amp;<\/p>\n<pre class=\"lang:default decode:true\" title=\"\u5728CentOS\u4e0a\u5982\u4f55\u67e5\u770b\u548c\u8fdb\u884c\u5b89\u5168\u76f8\u5173\u7684\u66f4\u65b0\"># \u5b89\u88c5yum\u7684\u5b89\u5168\u63d2\u4ef6\nyum -y install yum-plugin-security\n\n# \u663e\u793a\u6240\u6709\u548c\u5b89\u5168\u76f8\u5173\u7684\u66f4\u65b0\nyum --security check-update\n\n# list all bugs fixed\nyum updateinfo list bugzillas\n\n# summary of advisories\nyum updateinfo summary\n\n# \u5347\u7ea7\u6240\u6709\u548c\u5b89\u5168\u76f8\u5173\u7684package\u81f3\u6700\u65b0\u7248\nyum --security update\n\n# \u5347\u7ea7\u6240\u6709\u548c\u5b89\u5168\u76f8\u5173\u7684package\u81f3\u6ee1\u8db3\u8981\u6c42\u7684\u6700\u5c0f\u7248\u672c\nyum --security update-minimal\n\n# \u67e5\u770b\u5e2e\u52a9\nman 8 yum-security<\/pre>\n<ul>\n<li><a href=\"http:\/\/alvinalexander.com\/linux-unix\/centos-yum-installing-only-security-updates\">http:\/\/alvinalexander.com\/linux-unix\/centos-yum-installing-only-security-updates<\/a><\/li>\n<li><a href=\"http:\/\/www.cyberciti.biz\/faq\/redhat-fedora-centos-linux-yum-installs-security-updates\/\">http:\/\/www.cyberciti.biz\/faq\/redhat-fedora-centos-linux-yum-installs-security-updates\/<\/a><\/li>\n<\/ul>\n<p>\u5bf9\u4e8e\u5c0f\u5185\u5b58\u673a\u5668\uff0c\u53ef\u80fd\u4f1a\u51fa\u73b0\u5185\u5b58\u4e0d\u8db3\u7684\u60c5\u51b5\u3002\u8fd9\u65f6\u5c31\u9700\u8981\u7528swap\u4ea4\u6362\u5206\u533a\u300c\u6269\u5c55\u300d\u5185\u5b58\u5bb9\u91cf\uff0c\u53ef\u4ee5\u53c2\u8003\u4e4b\u524d\u7684\u6587\u7ae0\uff1a<a href=\"http:\/\/ixyzero.com\/blog\/archives\/2623.html\" target=\"_blank\">\u5728\u5c0f\u5185\u5b58\u673a\u5668\u4e0a\u5b89\u88c5lxml<\/a>\u3002<\/p>\n<p>=END=<\/p>\n","protected":false},"excerpt":{"rendered":"<p>=Start= \u5982\u4f55\u5e94\u5bf9\u300c\u810f\u725b\u6f0f\u6d1e\u300d\uff1f https:\/\/www.digitalocean.com\/commun [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[23,11,25],"tags":[30,37,639],"class_list":["post-2951","post","type-post","status-publish","format-standard","hentry","category-knowledgebase-2","category-linux","category-security","tag-linux","tag-security","tag-yum"],"views":6247,"_links":{"self":[{"href":"https:\/\/ixyzero.com\/blog\/wp-json\/wp\/v2\/posts\/2951","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/ixyzero.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/ixyzero.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/ixyzero.com\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/ixyzero.com\/blog\/wp-json\/wp\/v2\/comments?post=2951"}],"version-history":[{"count":0,"href":"https:\/\/ixyzero.com\/blog\/wp-json\/wp\/v2\/posts\/2951\/revisions"}],"wp:attachment":[{"href":"https:\/\/ixyzero.com\/blog\/wp-json\/wp\/v2\/media?parent=2951"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/ixyzero.com\/blog\/wp-json\/wp\/v2\/categories?post=2951"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/ixyzero.com\/blog\/wp-json\/wp\/v2\/tags?post=2951"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}