Linux YUM或RPM修复 glibc幽灵(GHOST)漏洞

OS :Redhat5.4 32bit(系统32位,未购买yum服务的,设置163源)

下载以下包,如果是redhat6根据需求调整url的数字5或6

m2crypto-0.16-9.el5.i386.rpm
python-elementtree-1.2.6-5.i386.rpm
python-iniparse-0.2.3-6.el5.noarch.rpm
python-sqlite-1.1.7-1.2.1.i386.rpm
python-urlgrabber-3.1.0-6.el5.noarch.rpm
yum-3.2.22-40.el5.centos.noarch.rpm
yum-fastestmirror-1.1.16-21.el5.centos.noarch.rpm
yum-metadata-parser-1.1.2-4.el5.i386.rpm

wget http://mirrors.163.com/centos/5/os/i386/CentOS/m2crypto-0.16-9.el5.i386.rpm
wget http://mirrors.163.com/centos/5/os/i386/CentOS/python-elementtree-1.2.6-5.i386.rpm
wget http://mirrors.163.com/centos/5/os/i386/CentOS/python-iniparse-0.2.3-6.el5.noarch.rpm
wget http://mirrors.163.com/centos/5/os/i386/CentOS/python-sqlite-1.1.7-1.2.1.i386.rpm
wget http://mirrors.163.com/centos/5/os/i386/CentOS/python-urlgrabber-3.1.0-6.el5.noarch.rpm
wget http://mirrors.163.com/centos/5/os/i386/CentOS/yum-3.2.22-40.el5.centos.noarch.rpm
wget http://mirrors.163.com/centos/5/os/i386/CentOS/yum-fastestmirror-1.1.16-21.el5.centos.noarch.rpm
wget http://mirrors.163.com/centos/5/os/i386/CentOS/yum-metadata-parser-1.1.2-4.el5.i386.rpm

rpm包安装
rpm -Uivh m2crypto-0.16-9.el5.i386.rpm
rpm -Uivh python-elementtree-1.2.6-5.i386.rpm
rpm -Uivh python-iniparse-0.2.3-6.el5.noarch.rpm
rpm -Uivh python-sqlite-1.1.7-1.2.1.i386.rpm
rpm -Uivh python-urlgrabber-3.1.0-6.el5.noarch.rpm
rpm -Uivh yum-3.2.22-40.el5.centos.noarch.rpm
rpm -Uivh yum-fastestmirror-1.1.16-21.el5.centos.noarch.rpm
rpm -Uivh yum-metadata-parser-1.1.2-4.el5.i386.rpm


rpm --import http://mirror.centos.org/centos/RPM-GPG-KEY-CentOS-5

cd /etc/yum.repos.d/
wget http://mirrors.163.com/.help/CentOS-Base-163.repo 
或者
#vi CentOS-Base-163.repo
内容如下

# CentOS-Base.repo
#
# The mirror system uses the connecting IP address of the client and the
# update status of each mirror to pick mirrors that are updated to and
# geographically close to the client.  You should use this for CentOS updates
# unless you are manually picking other mirrors.
#
# If the mirrorlist= does not work for you, as a fall back you can try the 
# remarked out baseurl= line instead.


[base]
name=CentOS-$releasever - Base - 163.com
mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=os
baseurl=http://mirrors.163.com/centos/$releasever/os/$basearch/
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-5

#released updates 
[updates]
name=CentOS-$releasever - Updates - 163.com
mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=updates
baseurl=http://mirrors.163.com/centos/$releasever/updates/$basearch/
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-5

#packages used/produced in the build but not released
[addons]
name=CentOS-$releasever - Addons - 163.com
mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=addons
baseurl=http://mirrors.163.com/centos/$releasever/addons/$basearch/
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-5

#additional packages that may be useful
[extras]
name=CentOS-$releasever - Extras - 163.com
mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=extras
baseurl=http://mirrors.163.com/centos/$releasever/extras/$basearch/
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-5

#additional packages that extend functionality of existing packages
[centosplus]
name=CentOS-$releasever - Plus - 163.com
mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=centosplus
baseurl=http://mirrors.163.com/centos/$releasever/centosplus/$basearch/
gpgcheck=1
enabled=0
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-5


#contrib - packages by Centos Users
[contrib]
name=CentOS-$releasever - Contrib - 163.com
mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=contrib
baseurl=http://mirrors.163.com/centos/$releasever/contrib/$basearch/
gpgcheck=1
enabled=0
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-5


使用
#vi CentOS-Base-163.repo
在所有mirrorlist前面加上#,把所有$releasever替换成5,保存
sed -i 's/$releasever/5/g' CentOS-Base-163.repo


清理并重新生成yum缓存
#yum clean metadata
#yum makecache             可以加快yum搜索和下载的速度



RPM 包安装方法

由于有的服务器无法进行YUM操作,只能采用RPM包,RPM更新安装涉及关联包,我当前的系统是redhat 5.4版本
需要下载以下几个安装包。

IA-32:(根据Server OS的版本)
glibc-2.5-123.el5_11.1.i386.rpm 
glibc-2.5-123.el5_11.1.i686.rpm
glibc-common-2.5-123.el5_11.1.i386.rpm
glibc-debuginfo-2.5-123.el5_11.1.i386.rpm
glibc-debuginfo-2.5-123.el5_11.1.i686.rpm
glibc-debuginfo-common-2.5-123.el5_11.1.i386.rpm
glibc-devel-2.5-123.el5_11.1.i386.rpm
glibc-headers-2.5-123.el5_11.1.i386.rpm
glibc-utils-2.5-123.el5_11.1.i386.rpm
nscd-2.5-123.el5_11.1.i386.rpm
将包放到一个文件目录中
赋予执行权限之后
rpm -Uvh ./*

你可能感兴趣的:(Linux YUM或RPM修复 glibc幽灵(GHOST)漏洞)