-4

I compiled a RHEL based kernel with a script.

I've come to know that our version of kernel is vulnerable to attack and we need to apply security patches. https://rhn.redhat.com/errata/RHSA-2014-1392.html

I wanted to know where can i find security patches ( .patch files ) related to a specific kernel version.

HopelessN00b
  • 53,385
  • 32
  • 133
  • 208
PathFinder
  • 3
  • 3
  • 5
    You don't. You install the updated kernel packages. And you also don't use RHEL without a subscription. – Michael Hampton Dec 08 '14 at 15:51
  • 1
    Indeed. I answered with the assumption that he has a subscription. If not, then off to CentOSland you go. – Hyppy Dec 08 '14 at 15:53
  • @MichaelHampton Did they say they were using RHEL? It seems to me that their question was about patching a Linux kernel that they got from Red Hat. That's perfectly legal and proper and is the GPL functioning as designed. For all we know they just have the `.src.rpm` and are looking to patch it somehow. – Bratchley Dec 08 '14 at 16:40
  • Using a RHEL kernel and trying to patch it to a newer version of a RHEL kernel seem an awful lot like using RHEL to me. Why not just use CentOS if one isn't interested in downloading the binaries? – Hyppy Dec 08 '14 at 17:53
  • original question didn't say they were patching to a newer version of RHEL. All we know is that they described the kernel they're using as being "RHEL" which for all we know _could_ mean CentOS. – Bratchley Dec 08 '14 at 20:42
  • Hey all, I have licence to use RHEL kernel and I customized it in my way. If I am not subscribed to RH network too. I have legal authority via GPL and red hat also agrees that. If anyone could tell me where to find patch files to specific kernel say 2.6.32.358-el6 which is Red hat based kernel would be helpful. Also I don't want to upgrade my version. I just wanted to update the kernel with security patches. Is everyone on same page now? – PathFinder Dec 09 '14 at 06:02
  • If I was in this position, I would make a diff of the customizations relative to the original kernel, and then patch the newer sources with that diff. – Tero Kilkanen Dec 09 '14 at 06:24

1 Answers1

2

Red Hat Network distributes the source files for kernel versions, but not .patch files for custom personal backports. Most important vulnerabilities are backported by them, but again it's just in an appropriately versioned .src.rpm package.

If you're hellbent on compiling your own kernel, then that's the route you need to take.

Edit: If this is a large/important enough project, and it is well funded, you may be able to talk to your Red Hat TAM about more personalized service.

Hyppy
  • 15,458
  • 1
  • 37
  • 59
  • I can see ftp://ftp.redhat.com/redhat/linux/enterprise/6Server/en/os/SRPMS/kernel-2.6.32-504.el6.src.rpm Do anyone feel that patch files inside it would help me fixing 2.6.32.358-el6 kernel for security? – PathFinder Dec 09 '14 at 06:13