【环境信息】
NAME="openEuler"
VERSION="23.09"
ID="openEuler"
VERSION_ID="23.09"
PRETTY_NAME="openEuler 23.09"
ANSI_COLOR="0;31"
【软件版本】
aops-ceres-v1.3.0-2.oe2309.x86_64
【问题复现步骤】
1.根据aops-ceres单机巡检的结果
2.执行aops-ceres apollo --fix命令修复cve
3.fix_way方式选择冷补丁
出现概率(必现) 必现
【预期结果】
结果返回成功
【实际结果】
结果返回失败
1.巡检扫描结果
2.实际修复结果
Hi yangshicheng, welcome to the openEuler Community.
I'm the Bot here serving you. You can find the instructions on how to interact with me at Here.
If you have any questions, please contact the SIG: sig-ops, and any of the maintainers: @栾建海 , @solarhu , @cmss_dx , @hjx_gitff , @snoweay , @luzhihao , @Lostway , @yangzhao_kl , @dowzyx , @王记棒棒猪 , @Anatas , @chen wei , @openeuler-ci-bot
此处可能存在不合适展示的内容,页面不予展示。您可通过相关编辑功能自查并修改。
如您确认内容无涉及 不当用语 / 纯广告导流 / 暴力 / 低俗色情 / 侵权 / 盗版 / 虚假 / 无价值内容或违法国家有关法律法规的内容,可点击提交进行申诉,我们将尽快为您处理。
经排查发现此信息,由于手动构造update信息导致,available软件包信息,通过dnf list --available获取最新版本。
然而构造的可升级版本软件包在repo源中并不存在,并且未找到相关软件包的信息,在读取目标软件阿波available软件包信息时,读取失败,回显为空白
在出现此问题的机器上,各命令执行结果如下:
1 查看关于该软件包的可用升级包信息,并未发现有目标升级软件包,比如redis-6.2.5-2
dnf list --available|grep redis
[root@openEuler function]# dnf list --available|grep redis
hiredis.x86_64 1.1.0-1.oe2309 OS
hiredis-devel.x86_64 1.1.0-1.oe2309 everything
patch-redis-6.2.5-1-ACC.x86_64 1-2 hotpatch
patch-redis-6.2.5-1-HP001.x86_64 1-1 coldpatch
patch-redis-6.2.5-1-HP002.x86_64 1-1 coldpatch
pcp-pmda-redis.x86_64 5.3.7-2.oe2309 OS
python-redis-help.noarch 4.6.0-1.oe2309 everything
python3-redis.noarch 4.6.0-1.oe2309 everything
redis5.x86_64 5.0.14-3.oe2309 everything
redis5-devel.x86_64 5.0.14-3.oe2309 everything
redis5-doc.noarch 5.0.14-3.oe2309 everything
redis6.x86_64 6.2.7-2.oe2309 everything
redis6-devel.x86_64 6.2.7-2.oe2309 everything
redis6-doc.noarch 6.2.7-2.oe2309 everything
rsyslog-hiredis.x86_64 8.2210.0-3.oe2309 everything
rubygem-hiredis.x86_64 0.6.3-1.oe2309 everything
rubygem-hiredis-doc.noarch 0.6.3-1.oe2309 everything
rubygem-redis.noarch 4.7.0-3.oe2309 everything
rubygem-redis-doc.noarch 4.7.0-3.oe2309 everything
[root@openEuler function]# dnf search redis
Last metadata expiration check: 0:01:37 ago on Tue 05 Sep 2023 05:58:38 PM CST.
========================================================================= Name Exactly Matched: redis =========================================================================
redis.x86_64 : A persistent key-value database
======================================================================== Name & Summary Matched: redis ========================================================================
hiredis.x86_64 : A minimalistic C client library for the Redis database
hiredis-devel.x86_64 : Development files for hiredis
patch-redis-6.2.5-1-ACC.x86_64 : Syscare patch "ACC" for redis-6.2.5-1
patch-redis-6.2.5-1-HP001.x86_64 : Syscare patch "HP001" for redis-6.2.5-1
patch-redis-6.2.5-1-HP002.x86_64 : Syscare patch "HP002" for redis-6.2.5-1
patch-redis-6.2.5-1-SGL_CVE_2023_1111_CVE_2023_1112.x86_64 : Syscare patch "SGL_CVE_2023_1111_CVE_2023_1112" for redis-6.2.5-1
pcp-pmda-redis.x86_64 : Performance Co-Pilot (PCP) metrics for Redis
python-redis-help.noarch : Python client for Redis key-value store
python3-redis.noarch : Python client for Redis key-value store
redis5-devel.x86_64 : Development header for Redis module development
redis5-doc.noarch : Documentation for Redis
redis6-devel.x86_64 : Development header for Redis module development
redis6-doc.noarch : Documentation for Redis
rsyslog-hiredis.x86_64 : Redis support for rsyslog
rubygem-hiredis.x86_64 : Ruby wrapper for hiredis
rubygem-hiredis-doc.noarch : Documentation for rubygem-hiredis
rubygem-redis.noarch : A Ruby client library for Redis
rubygem-redis-doc.noarch : Documentation for rubygem-redis
============================================================================= Name Matched: redis =============================================================================
redis5.x86_64 : A persistent key-value database
redis6.x86_64 : A persistent key-value database
=========================================================================== Summary Matched: redis ============================================================================
jedis.noarch : A redis Java client
lettuce.noarch : Scalable Java Redis client
predixy.x86_64 : High performance and full featured proxy for redis sentinel and redis cluster
[root@openEuler function]#
[root@openEuler function]# dnf hot-updateinfo list cves|grep redis
CVE-2023-1113 Important/Sec. redis-6.2.5-2.x86_64 -
CVE-2023-1111 Important/Sec. redis-6.2.5-2.x86_64 patch-redis-6.2.5-1-ACC-1-1.x86_64
CVE-2023-1112 Important/Sec. redis-6.2.5-2.x86_64 patch-redis-6.2.5-1-ACC-1-1.x86_64
CVE-2023-1111 Important/Sec. redis-6.2.5-2.x86_64 patch-redis-6.2.5-1-SGL_CVE_2023_1111_CVE_2023_1112-1-1.x86_64
CVE-2023-1112 Important/Sec. redis-6.2.5-2.x86_64 patch-redis-6.2.5-1-SGL_CVE_2023_1111_CVE_2023_1112-1-1.x86_64
CVE-2023-2221 Critical/Sec. redis-6.2.5-3.x86_64 patch-redis-6.2.5-1-ACC-1-2.x86_64
CVE-2023-2222 Critical/Sec. redis-6.2.5-3.x86_64 patch-redis-6.2.5-1-ACC-1-2.x86_64
CVE-2023-3331 Low/Sec. redis-6.2.5-4.x86_64 -
CVE-2023-3332 Low/Sec. redis-6.2.5-4.x86_64 -
CVE-2023-4441 Low/Sec. redis-6.2.5-5.x86_64 -
[root@openEuler function]# rpm -qa|grep redis
redis-6.2.5-1.x86_64
patch-redis-6.2.5-1-SGL_CVE_2023_1111_CVE_2023_1112-1-1.x86_64
[root@openEuler function]#
验证结果: 通过,当前升级包信息为虚构的,不存在实际的软件包
验证版本: 23.09-RC3
登录 后才可以发表评论