Some Pending security updates since 31st of May ...

[ErikH]

Hello!

I'm waiting for a bunch of security updates that have been provided as part of RHEL 7 but I haven't seen any updates for CentOS 7 since 31st of May.

Someone already asked about a pending update related to python (CVE-2023-24329, RHSA-2023:3555, RHSA-2023:3556):
viewtopic.php?f=51&t=80229

Meanwhile it looks like more updates are pending, e.g. I'm here because of firefox, which should be available
as version firefox-102.12.0-1.el7_9.x86_64.rpm to fix two CVE issues ( CVE-2023-34414,CVE-2023-34416, e.g. RHSA-2023:3579).

Another security update that I can ignore in my lab is the emacs update (RHSA-2023:3481) that is pending too.

Looking for more information and reference information I remembered that ScientificLinux is also based on RHEL 7, so I cross-checked there and found they are providing the missing packages. E.g. here is a mirror that can be sorted by timestamps:
https://scientificlinux.physik.uni-muen ... y/?C=M;O=D

[TrevorH]

I have poked the person responsible for the updates...

[TrevorH]

They are all building/in testing

I checked the update list and we are missing

emacs*
slapi-nis
nss-pem
kernel
pki-core
geoipupdate
python-flask*
python3*
thunderbird*
firefox*

The ones marked with an * are security related, the others are just RH's monthly patch Tuesday batch of assorted bug fixes that are not security related. Thunderbird and firefox are from 14th June.