Re: How do I find out if a certain Linux patch has been applied on a system
From: John Reiser (jreiser_at_BitWagon.com)
Date: Mon, 21 Nov 2005 11:24:09 -0800
> I am new to Linux. Is there a way, I can find out if a certain patch,
> say for the libc, has been applied on a system. Is there a command I
> can use. This is an RHEL4.
> I know the bug number, but don't know how to ascertain if its been
> applied on this box. Its a production box.
Assuming that the system administrator is using the default RHEL management
of software configuration with RPM:
1. Identify the RPM package which contains the file of interest:
$ rpm -qf /lib/libc.so.6
2. Verify that the files of the associated package, as currently on the
system, are unchanged from the .rpm:
$ rpm --verify glibc-2.3.5-10.3
3. Check that the desired patch was included in the source of that package.
Inspecting the %changelog might suffice, if you trust the developer:
$ rpm --query --changelog glibc-2.3.5-10.3
To be 100% sure: you must download the source package .src.rpm from
RedHat Network, then inspect the source to verify that the patch is
present, and that the build recipe applies it [and does not remove it]:
$ rpmbuild -bp --target i686 glibc-2.3.5.spec
[apply eyeballs and brain]
If the system administrator is not using RHEL management, then it might
require behavioral analysis (trial and error) to determine if the patch
has been applied to your system.