Update & Verify


In [ ]:
yum updateinfo list # get a list of vulnerabilities
In [ ]:
yum updateinfo RHSA-2017:0149 # get more detail about a specific vulnerability
Check integrity - verifing packages
In [ ]:
rpm -Va # verify all installed packages


In [ ]:
apt update
In [ ]:
apt full-upgrade
In [ ]:
apt-get dist-upgrade
In [1]:
apt list --upgradable |& grep security # show only a list of security updates
linux-generic/xenial-updates,xenial-security amd64 [upgradable from:]
linux-headers-generic/xenial-updates,xenial-security amd64 [upgradable from:]
linux-image-generic/xenial-updates,xenial-security amd64 [upgradable from:]
linux-libc-dev/xenial-updates,xenial-security 4.4.0-71.92 amd64 [upgradable from: 4.4.0-70.91]
linux-tools-common/xenial-updates,xenial-updates,xenial-security,xenial-security 4.4.0-71.92 all [upgradable from: 4.4.0-70.91]
linux-tools-virtual/xenial-updates,xenial-security amd64 [upgradable from:]
In [ ]:
landscape -> https://landscape.canonical.com/
Check integrity - verifing packages
In [5]:
apt search --full --names-only debsums
Sorting... Done
Full Text Search... Done
debsums/xenial,xenial 2.1.2 all
  tool for verification of installed package files against MD5 checksums
  debsums can verify the integrity of installed package files against
  MD5 checksums installed by the package, or generated from a .deb

In [15]:
debsums -es |&  grep --color=no "missing" # e= config,  s= silent
debsums: missing file /etc/default/chromium-browser (from chromium-browser package)
debsums: missing file /etc/init.d/keyboard-setup (from keyboard-configuration package)
In [ ]:
debsums -a &> debsums.log