engarde-users March 2003 archive
Main Archive Page > Month Archives  > engarde-users archives
engarde-users: [EnGarde] Re: order of updates?

[EnGarde] Re: order of updates?

From: buddha <buddha_at_nospam>
Date: Wed Mar 19 2003 - 16:23:44 GMT
To: <engarde-users@engardelinux.org>


As I was faced with the same situation after a fresh install. This is the solution I came up with.

It is built in chronological order from oldest to newest. Quite tedious I must say, as many of the packages have been pulled from the ftp site. I would assume that this is because they are superseded by a later patch.
Each advisory has its own page, so each must be reviewed separately to determine the order and name of the rpm to apply.

I rebooted into standard mode.
Btw, I am using the i386 version.
SCP the rpm's and script to ESL (be careful to remove the SMP kernel packages if you are not using SMP.)

Putty to esl and chmod 755 on "patchme.txt" an execute the script.

I'd be interested if some of the more knowledgeable on the list would review and comment either pro or con. All feedback would be welcome.


# Apply patches to ESL, current for i386 through 3/19/03
#!/bin/sh rpm -Uvh xntp3-5.93-1.0.16.i386.rpm rpm -Uvh gnupg-1.0.6-1.0.3.i386.rpm rpm -Uvh xinetd-2.3.3-1.0.19.i386.rpm rpm -Uvh stunnel-3.22-1.0.4.i386.rpm rpm -Uvh popt-1.5-1.0.14.i386.rpm rpm -Uvh rpm-3.0.6-1.0.14.i386.rpm rpm -Uvh rsync-2.4.6-1.0.6.i386.rpm rpm -Uvh zlib-1.1.3-1.0.4.i386.rpm rpm -Uvh webalizer-2.01-1.0.4.i386.rpm rpm -Uvh sudo-1.6.4-1.0.7.i386.rpm rpm -Uvh swatch-3.0.4-1.0.29.i386.rpm rpm -Uvh openssl*.rpm rpm -Uvh glibc-2.1.3-1.0.6.i386.rpm rpm -Uvh tar-1.13.25-1.0.5.i386.rpm rpm -Uvh apache-1.3.27-1.0.33.i386.rpm rpm -Uvh syslog-ng-1.4.10-1.0.26.i386.rpm rpm -Uvh bind-chroot*.rpm rpm -Uvh lids-base-0.9.15-1.0.26.i386.rpm rpm -Uvh pine-4.50-1.0.9.i386.rpm rpm -Uvh fetchmail-ssl-6.1.0-1.0.6.i386.rpm rpm -Uvh *php*.rpm rpm -Uvh MySQL*.rpm rpm -Uvh openssh*.rpm

# Snort indicates a failure unless it running when updated. (remove
comment # is desired to prevent error)
# /etc/init.d/snortd start
rpm -Uvh snort-1.9.1-1.0.9.i386.rpm rpm -Uvh file-3.41-1.0.2.i386.rpm rpm -Uvh imap-2000c-1.0.24.i386.rpm

rpm --replacefiles -i kernel*.rpm

/usr/sbin/config_lids.pl --force

# Reboot when done!

# Don't forget to fix the /etc/httpd/conf/httpd.conf, you will receive
an # # error when restarting apache from the web console unless you fix this.
# Re: remove extra line "LoadModule auth_module modules/mod_auto.so"

-----Original Message-----
From: engarde-users-bounce@engardelinux.org [mailto:engarde-users-bounce@engardelinux.org] On Behalf Of Kenn Murrah Sent: Wednesday, March 19, 2003 9:28 AM
To: engarde-users@engardelinux.org
Subject: [EnGarde] order of updates?


I finally have a ESL (finestra) up and running and properly configured ...
so now I need to install the many security updates that Engarde has provided

Does it matter in what order I do those updates? Can I just start at the
top of the list at
www.guardiandigital.com/products/software/trial/advisories.html and work my
way down? Or does it matter?



To unsubscribe email engarde-users-request@engardelinux.org with "unsubscribe" in the subject of the message. ------------------------------------------------------------------------ To unsubscribe email engarde-users-request@engardelinux.org with "unsubscribe" in the subject of the message.