???? The previous days in the month race, got a Ubuntu14.04 server, but not root authority, need to raise power. I Google a bit and found cve-2015-1318,cve-2015-1328,cve-2015-1338 these can be used to power the CVE and POC. When I used the cve-2015-1328 to raise the right, and did not succeed, I was wondering if I this server in the end hit the CVE patch?
???? Later, I looked up on the internet, a little pondering the next, there is this method, may not necessarily be the most convenient for the best use. I searched for cve-2015-1328 directly in Google, and found the following link:
Http://people.canonical.com/~ubuntu-security/cve/2015/CVE-2015-1328.html I saw the affected package and repair information in it. A part of the graph is truncated:
???? We can see that the kernel of Linux is affected. So execute dpkg–l |grep Linux to find the name of the package for the Linux kernel. On my Ubuntu 12.02, cut part of the diagram:
???? Then, using Apt-get changelog linux-image-3.2.0-97-generic, you can see the current kernel version of Changelog, and then search directly inside the cve-2015-1328 to know if the patch is patched. If the patch is patched, then the right POC will not work. Other CVE can also use this method to determine if a patch is being patched.
Finally, I'll explain a few nouns under Linux:
Upstream kernel:
Kernel from www.kernel.org, which we call upstream kernel, is maintained by the Linux kernel Linus under Torvalds kernel. The Ubuntu,centos we used are all Linux distributions (distribution), and these Linux distribution have made some modifications to the kernel maintained by the Linux Kernel organization. These cores are not kernels that get directly from www.kernel.org, and the kernels obtained from www.kernel.org are the upstream kernel for these distribution cores.
I also found a more popular introduction on the StackOverflow.
Using Ubuntu as an example.
Ubuntu is a distribution which packs a lot of software together, small and large. There is graphic drivers, the X server, and Gnome, among others. Ubuntu itself is not developing those software. Ubuntu is "just" packing the software together, making sure, and the individual components work together. All this software which Ubuntu is packing together be called upstream from Ubuntu's point of view.
In the process of combining all, software together bugs might pop up. The bug might be in one of the software components, for example gnome, or it might are in the very special to Ubuntu is ing things. After all, a distribution was a distribution because it does some things in it ' s own very special.
If the bug is caused by the the-the-by-the-doing things, then Ubuntu'll has to fix this bug for itself. If the bug is in fact in one's software components, for example GNOME and then Ubuntu would has to patch gnome. When Ubuntu sends-the patch back-to-Gnome, so-others can also benefit from the patch, then Ubuntu was sending that patch up Stream.
If Ubuntu decides to not send this patch upstream, or the upstream project rejects the patch (but Ubuntu decides to still Keep the patch), then Ubuntu have technically forked the project.
The opposite of upstream would be downstream, Ubuntu was downstream from Gnome. I do not hear/read this term used often.
Ubuntu Changelog:
???? Ubuntu Changelog records the package changes with the version. Changelog also has a certain format, which can be learned from this link below.
Http://packaging.ubuntu.com/html/debian-dir-overview.html
How to determine if a CVE patch has been patched under Ubuntu