Hi
I a running centos-7.9 (CentOS Linux release 7.9.2009 (AltArch))
nss had a vulnerability reported with a CVSS score of 9.8
(https://access.redhat.com/security/cve/CVE-2021-43527).
I can see that there is a x86_64 package for nss that fixes this
vulnerability (nss-3.67.0-4.el7_9.x86_64)
rpm -q nss --changelog |head -n 10
* Thu Nov 18 2021 Bob Relyea <rrelyea(a)redhat.com> - 3.67.0-4
- fix CVE-2021-43527
However, when I tried to find the updated package for aarch64, I don't see
a package fixing this vulnerability for aarch64. Reading the security
report seems to indicate that this affects all architectures. I can also
see that amazonlinux and oracle linux have released nss packages to
address this vulnerability.
Looking through the centos forums, I have not been able to figure out why
this package is missing for aarch64. Does someone know why this package
with high vulnerability has not been updated for centos-7.9?
Thanks for your guidance.
--
Raj Shekhar
I recently got an Odroid HC4.
I built an armbian SD and used that to remove the bootloader so I can
boot the armbian up easily.
Now it is time to get Centos working.
Do you have a uboot for the HC4? (I can try the armbian's if needed)
Is there install instructions
and of course where to get the iso images.
thanks
How can I get the uboot off an SD card and then put it on another? dd is
fine, but how much do I move?
The whole 4MB infront of the first partition? Or is there some way to
determine the actual uboot size and grab just that?
thanks