Once your Red Hat system is live, you must make sure that the most current required Red Hat errata are installed.These errata include bug fixes, corrections, and updates to Red Hat products.You should always check the Red Hat site at www.redhat.com/apps/support/updates.html for the latest errata news.The following list defines the different types of errata found at the Red Hat Updates and Errata site.

Bug fixes Address coding errors discovered after the release of the product, and may be critical to program functionality.These Red Hat Package Manager tools (RPMs) can be downloaded for free. Bug fixes provide a fix to specific issues, such as a certain error message that may occur when completing an operating system task. Bug fixes should only be installed if your system experiences a specific problem. Another helpful resource is Bugzilla, the Red Hat bug-tracking system at http://bugzilla.redhat.com/bugzilla.

Security advisories Provide updates that eliminate security vulnerabilities on the system. Red Hat recommends that all administrators download and install the security upgrades to avoid denial-of-service (DoS) and intrusion attacks that can result from these weaknesses. For example, a security update can be downloaded for a vulnerability that caused a memory overflow due to improper input verification in Netscape’s Joint Photographic Experts Group (JPEG) code.

Package enhancements Provide updates to the functions and features of the operating system or specific applications. Package enhancements are usually not critical to the system’s integrity; they often fix functionality programs, such as an RPM that provides new features. Here are the steps for accessing Linux bug fixes, security advisories, and package enhancements: www.syngress.com

1. To download bug fixes, point your browser to www.redhat.com/ apps/support/updates.html. Under the “Errata: Fixes and Advisories” section, click the Red Hat Linux Bug Fixes link.The latest bug fixes are available for download on this page. Click each bug to learn more, and determine whether it affects your system. Some fixes do not include software downloads, such as RPMs; instead, they explain how to con- figure your system to fix the problem.

2. To download security advisories, point your browser to www.redhat .com/apps/support/updates.html. Under the “Errata: Fixes and Advisories” section, click the Red Hat Linux Security Advisories link. For example, one download contains three security hole fixes, as well as additional support for Pentium 4 processors.This affects Red Hat 6.x and 7.0 users. It is imperative for Linux administrators to check this Web site on a regular basis, determine if the changes are necessary, and implement the vulnerability fix.

3. To download package enhancements, point your browser to www.redhat.com/apps/support/updates.html. Under the “Errata: Fixes and Advisories” section, click the All Red Hat Linux Errata link, and then the Package Enhancements link. A Red Hat Linux www.syngress.com Package Enhancements link may also exist on the main Errata page.The available package enhancements are listed. Check the list to see if any enhancements affect your operating system or applications. If an enhancement exists, and installing it would benefit your system, download and install the corresponding package.

Bug Fix Case Study

In a production environment, a problem may exist if a system has an i810 chipset and is running Red Hat Linux 6.2.The correct amount of system RAM may not be available to the system. Consequently, the system cannot maximize RAM usage, and may not run certain programs because it thinks it does not have enough RAM.A fix for this problem is available at the Red Hat Updates and Errata Web site.

According to the bug fix, an administrator needs to manually enter the amount of RAM for the system.To check if the problem exists on a system, the administrator must log on as root and enter:

cat /proc/meminfo

If the memTotal value is not within a few MB of the actual system RAM, the administrator needs to manually enter the correct amount of system RAM.To accomplish this task, the administrator must have root access and edit the /etc/lilo.conf file by entering:

vi /etc/lilo.conf

The administrator must locate the current kernel image and add a new line by pressing i (to enter vi’s insert mode) and entering the following:

append="mem=[total amount of ram (in MB)]"

One MB should be subtracted from the total because the final megabyte is not available on all systems.

The administrator must write and quit the lilo.conf file by pressing ESC (to exit vi’s insert mode) and entering:

:wq

Then he or she must load the updated lilo.conf file into memory by entering:

/sbin/lilo www.syngress.com The administrator must reboot the machine. Afterward, he or she must check the RAM allocation by entering:

cat /proc/meminfo

If it is within a few MB of the actual RAM, the bug has been fixed. If not, the administrator must repeat the case study steps to ensure that the correct amount of RAM is allocated to the OS.