Rollback RPM
Posted by blogadmin on June 14, 2012
Our monthly vulnerability mitigation policy wanted us to upgrade our vulnerable nss_ldap package to latest version. I went ahead and did the upgrade. After consulting CERT and various CVE and NVD site I found the upgrade was not needed as current version was not having any vulnerabilities. Sadly the new version installed had vulnerabilities according to CVE so it was time to revert back to earlier version. Here is how I did it.
Install yum-utils (To get yumdownloader script)
# yum -y install yum-utils
Running Transaction
Installing: yum-utils ######################### [1/1]
Download the previous version of nss_ldap
# yumdownloader nss_ldap-253-5.el5
Loading "rhnplugin" plugin
rhel-x86_64-server-5 100% |=========================| 1.4 kB 00:00
nss_ldap-253-5.el5.x86_64 100% |=========================| 1.4 MB 00:00
nss_ldap-253-5.el5.i386.r 100% |=========================| 1.4 MB 00:00
The packages will be downloaded and saved in the current working directory, to verify, list the directory:
# ls nss_ldap*
nss_ldap-253-5.el5.i386.rpm nss_ldap-253-5.el5.x86_64.rpm
Downgrade the package using rpm :
# rpm -Uvh --oldpackage nss_ldap-253-5.el5.*.rpm
Preparing... ########################################### [100%]
1:nss_ldap ########################################### [ 50%]
2:nss_ldap ########################################### [100%]
Let Red Hat Network know that you have downgraded the packages:
# rhn-profile-sync
Updating package profile...
Updating hardware profile...
After reboot the problem should be fixed.
Filed under System Administration