Page 1 of 1
CentOS Security Update for kernel (CESA-2018:3651)
Posted: 2019/04/08 17:43:17
by claysql
My security team ran a scan of my servers and it found that I need to install CVE-2018-14633 and CVE-2018-14646. I tried doing this via yum but it appears that this is not possible. How do I update/install CVEs?
Re: CentOS Security Update for kernel (CESA-2018:3651)
Posted: 2019/04/09 03:55:05
by TrevorH
By running yum update to update everything. There is no security related metadata in the CentOS yum repos to allow yum-plugin-security to operate.
Re: CentOS Security Update for kernel (CESA-2018:3651)
Posted: 2019/04/09 03:58:20
by hunter86_bg
You can check Red Hat's
CVE-2018-14633
So , you just need to update to the latest patches and reboot.
Re: CentOS Security Update for kernel (CESA-2018:3651)
Posted: 2019/04/10 19:35:54
by claysql
CentOS does not have official errata: the CentOS upstream repos do not have an UPDATEINFO.XML
So I followed the steps at
http://updateinfo.cefs.steve-meier.de
Re: CentOS Security Update for kernel (CESA-2018:3651)
Posted: 2019/06/20 11:21:43
by sgwestrip
It is disappointing that in a world where security/data protection etc. is ever more important we still do not have UPDATEINFO.XML in the officical CentOS repos
Re: CentOS Security Update for kernel (CESA-2018:3651)
Posted: 2019/06/22 12:03:34
by hunter86_bg
In such case, you can donate some of your time and provide a solution that will match the Red Hat's solution.
Re: CentOS Security Update for kernel (CESA-2018:3651)
Posted: 2019/06/22 14:49:00
by TrevorH
And in any case, since about 90% of updates that are released outside of point release times are ALL security related, just running yum update is good enough.