Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #!/bin/bash
- uname -a
- cat /etc/redhat-release
- echo "Installed glibc version(s)"
- rv=0
- for glibc_nvr in $( rpm -q --qf '%{name}-%{version}-%{release}.%{arch}\n' glibc ); do
- glibc_ver=$( echo "$glibc_nvr" | awk -F- '{ print $2 }' )
- glibc_maj=$( echo "$glibc_ver" | awk -F. '{ print $1 }')
- glibc_min=$( echo "$glibc_ver" | awk -F. '{ print $2 }')
- echo -n "- $glibc_nvr: "
- if [ "$glibc_maj" -gt 2 -o \
- \( "$glibc_maj" -eq 2 -a "$glibc_min" -ge 18 \) ]; then
- # fixed upstream version
- echo 'not vulnerable'
- else
- # all RHEL updates include CVE in rpm %changelog
- if rpm -q --changelog "$glibc_nvr" | grep -q 'CVE-2015-0235'; then
- echo "not vulnerable"
- else
- echo "vulnerable"
- rv=1
- fi
- fi
- done
- if [ $rv -ne 0 ]; then
- cat <<EOF
- This system is vulnerable to CVE-2015-0235. <https://access.redhat.com/security/cve/CVE-2015-0235>
- Please refer to <https://access.redhat.com/articles/1332213> for remediation steps
- EOF
- fi
- exit $rv
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement