<html>
  <head>

    <meta http-equiv="content-type" content="text/html; charset=UTF-8">
  </head>
  <body>
    <p>Dear community,<br>
      <br>
      I would like to ask a following question:<br>
      <br>
      - How are CVEs handled in CentOS Stream? The answer in faq<br>
        page (<a href="https://centos.org/distro-faq" target="_blank"
data-saferedirecturl="https://www.google.com/url?q=https://centos.org/distro-faq&source=gmail&ust=1613700352327000&usg=AFQjCNGd1ufnAw1w7jTdXB8N9wmCaxEWVA">https://centos.org/distro-faq</a>)
      states that security<br>
        issues will be updated in CentOS Stream after they are solved<br>
        in the current RHEL release. However, CentOS Steam 8 solved<br>
        CVE-2020-15437 (kernel) while RHEL 8 has not (as of February
      17,2021).<br>
        Does the order of security updates between RHEL and CentOS
      Stream<br>
        depend on the situation?<br>
      <br>
      Best regards,<br>
      ---<br>
      Naoto Kobayashi<wbr></p>
  </body>
</html>