Re: [CentOS-devel] [CentOS-announce] CentOS Linux, CentOS Stream and the Boot Hole vulnerability
Am 29.07.20 um 19:38 schrieb Brian Stinson:
We are aware of the Boot Hole vulnerability in grub2 (CVE-2020-1073) and are working on releasing new packages for CentOS Linux 7, CentOS Linux 8 and CentOS Stream in response. These should make it out to a mirror near you shortly.
Should be ? CVE-2020-10713 and CVE-2020-14308 CVE-2020-14309 CVE-2020-14310 CVE-2020-14311
-- Leon
On 7/29/20 1:35 PM, Leon Fauster via CentOS-devel wrote:
Am 29.07.20 um 19:38 schrieb Brian Stinson:
We are aware of the Boot Hole vulnerability in grub2 (CVE-2020-1073) and are working on releasing new packages for CentOS Linux 7, CentOS Linux 8 and CentOS Stream in response. These should make it out to a mirror near you shortly.
Should be ? CVE-2020-10713 and CVE-2020-14308 CVE-2020-14309 CVE-2020-14310 CVE-2020-14311
We have no ability to match up CVE numbers and CentOS-8 releases .. as modules use git commit IDs and build time stamps in the rpm names.
2020-08-03 (月) の 10:41 -0500 に Johnny Hughes さんは書きました:
On 7/29/20 1:35 PM, Leon Fauster via CentOS-devel wrote:
Am 29.07.20 um 19:38 schrieb Brian Stinson:
We are aware of the Boot Hole vulnerability in grub2 (CVE-2020- 1073) and are working on releasing new packages for CentOS Linux 7, CentOS Linux 8 and CentOS Stream in response. These should make it out to a mirror near you shortly.
Should be ? CVE-2020-10713 and CVE-2020-14308 CVE-2020-14309 CVE-2020-14310 CVE-2020-14311
We have no ability to match up CVE numbers and CentOS-8 releases .. as modules use git commit IDs and build time stamps in the rpm names.
CentOS-devel mailing list CentOS-devel@centos.org https://lists.centos.org/mailman/listinfo/centos-devel
Hi,
That's understandable. But on a separate note, is there any chance of CentOS Announce receiving update information for CentOS 8?
Currently, 6 and 7 are receiving them. However, for several months now CentOS 8 hasn't had any update emails on that list with the exception of minor releases or this issue.
Just wondering, because I use that list to keep up with updates :-).
Kind Regards and Stay Safe
Jake Shipton (JakeMS)
On 8/8/20 1:36 AM, Jake Shipton wrote:
2020-08-03 (月) の 10:41 -0500 に Johnny Hughes さんは書きました:
On 7/29/20 1:35 PM, Leon Fauster via CentOS-devel wrote:
Am 29.07.20 um 19:38 schrieb Brian Stinson:
We are aware of the Boot Hole vulnerability in grub2 (CVE-2020- 1073) and are working on releasing new packages for CentOS Linux 7, CentOS Linux 8 and CentOS Stream in response. These should make it out to a mirror near you shortly.
Should be ? CVE-2020-10713 and CVE-2020-14308 CVE-2020-14309 CVE-2020-14310 CVE-2020-14311
We have no ability to match up CVE numbers and CentOS-8 releases .. as modules use git commit IDs and build time stamps in the rpm names.
CentOS-devel mailing list CentOS-devel@centos.org https://lists.centos.org/mailman/listinfo/centos-devel
Hi,
That's understandable. But on a separate note, is there any chance of CentOS Announce receiving update information for CentOS 8?
Currently, 6 and 7 are receiving them. However, for several months now CentOS 8 hasn't had any update emails on that list with the exception of minor releases or this issue.
Just wondering, because I use that list to keep up with updates :-).
Kind Regards and Stay Safe
Jake Shipton (JakeMS)
What we have right now is two fold:
This: https://feeds.centos.org/
And looking at what is built for dist-c8-compose (what will be in the latest compose): https://koji.mbox.centos.org/koji/builds?tagID=338
-
Jake Shipton -
Johnny Hughes -
Leon Fauster