1yum-security(8)                                                yum-security(8)
2
3
4

NAME

6       yum security plugin
7

SYNOPSIS

9       yum [options] [command] [package ...]
10

DESCRIPTION

12       This  plugin extends yum to allow lists and updates to be limited using
13       security relevant criteria
14
15       added yum commands are:
16        * info-sec
17        * list-sec
18
19       both of which take these sub-commandss are:
20        * * <advisory> [advisory...]
21        * * bugzillas
22        * * cves
23        * * security
24
25       <advisory> [advisory...]
26              Is used to display information about one or more advisories.
27
28       list-sec
29              Is used to list all of the relevant security  information,  from
30              the  updateinfo.xml  data  in yum. This includes bugzillas, CVEs
31              and security updates.
32
33       bugzillas / bzs
34              Is the subset of the security  information,  pertaining  to  the
35              bugzillas.
36
37       cves   Is  the  subset  of  the security information, pertaining to the
38              CVEs.
39
40       security / sec
41              Is the subset of the security information, pertaining  to  secu‐
42              rity.
43

GENERAL OPTIONS

45       There  are  four  options  added to yum that are available in the "list
46       updates", "info updates", "check-update" and  "update"  commands.  They
47       are:
48
49       --advisory
50              This  option  includes packages coresponding to the advisory ID,
51              Eg. FEDORA-2201-123.
52
53       --bz   This option includes packages that say they fix a  Bugzilla  ID,
54              Eg. 123.
55
56       --cve  This  option  includes packages that say they fix a CVE - Common
57              Vulnerabilities and Exposures ID  (http://cve.mitre.org/about/),
58              Eg. CVE-2201-0123.
59
60       --security
61              This  option  includes  packages  that  say  they fix a security
62              issue.
63

EXAMPLES

65       To list all updates that are security relevant, and get a  reutrn  code
66       on whether there are security updates use:
67
68              yum --security check-update
69
70       To apply updates that are security relevant use:
71
72              yum --security update
73
74       To get a list of all BZs that are fixed for packages you have installed
75       use:
76
77              yum list-sec bugzillas
78
79       To get the information on advisory FEDORA-2707-4567 use:
80
81              yum info-sec FEDORA-2707-4567
82
83       To apply updates for Bugzillas 123,  456  and  789;  and  all  security
84       updates use:
85
86              yum --bz 123 --bz 456 --bz 789 --security update
87
88       To get an info list of updates for Bugzilla 123; CVEs CVE-2207-0123 and
89       CVE-2207-3210;   and    Fedora    advisories    FEDORA-2707-4567    and
90       FEDORA-2707-7654 use:
91
92              yum  --bz 123 --cve CVE-2207-0123 --cve CVE-2207-3210 --advisory
93              FEDORA-2707-4567 --advisory FEDORA-2707-7654 info updates
94
95
96

SEE ALSO

98       yum (8)
99       yum.conf (5)
100
101

AUTHORS

103       James Antill <james.antill@redhat.com>.
104
105

BUGS

107       Currently yum.conf comes as default without plugins  enabled,  so  just
108       installing the yum security plugin will do nothing.  There are detailed
109       instructions on enabling plugins in the  yum  man  page,  however  just
110       putting "plugins=1" in yum.conf should just work.
111
112       The main "problem" is that if the data is not correct the plugin cannot
113       work correctly. For instance "--bz 123" will not fix BZ 123 if a  pack‐
114       age  is  updated  to fix that BZ without referencing that it does so in
115       the updateinfo.xml.
116
117
118
119James Antill                      2007 Apr 12                  yum-security(8)
Impressum