Today I found out about a vuln in net/py-urllib3. Nagios told me:
Checking for security vulnerabilities in base (userland & kernel): Host system: Database fetched: Tue Nov 26 18:23:32 UTC 2019 py36-urllib3-1.22,1
I logged into that host and ran a pkg upgrade py36-urllib3.
What other hosts have that installed?
samdrucker=# select hostswithpackage('py36-urllib3');
hostswithpackage
-----------------------------
slocum.int.example.org
x8dtu.example.org
r720-01.int.example.org
empty.int.example.org
tallboy.example.org
knew.int.example.org
zuul.example.org
dev-pgeu.int.example.org
(8 rows)
samdrucker=#
There. That’s the hosts I have to update.
How about a list for csshX?
Ideally, I’d like to take the query output, and construct a line line with all those names. I’d use that with csshX (a command line tool for multiple SSH connections controlled by one window), but you could use it with your host management tool of choice.
Here is how I get the line of hosts:
[dan@pg02:~] $ psql -t -c "select hostswithpackage('py36-urllib3');" samdrucker | xargs
slocum.int.example.org x8dtu.example.org r720-01.int.example.org empty.int.example.org tallboy.example.org knew.int.example.org zuul.example.org dev-pgeu.int.example.org
[dan@pg02:~] $
Now I can copy/paste, and get connected to all the hosts, and issue the pkg update command.
Done.
All this, thanks to SamDrucker.
