[CentOS-devel] To enquire about the expected arrival of ntp, ntpdate, expat&libxml2 rpms with CVE fix
Trevor Hemsley
trevor.hemsley at ntlworld.comThu Apr 12 08:24:22 UTC 2018
- Previous message: [CentOS-devel] To enquire about the expected arrival of ntp, ntpdate, expat&libxml2 rpms with CVE fix
- Next message: [CentOS-devel] CentOS Origin packages in testing for 3.7, 3.8 and 3.9
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On 12/04/18 07:57, Veetil, Vyshnav wrote: > > Hi All, > > Can you please tell me the expected release of these rpms which is > having the fix for below CVE’s. > > 1. expat rpm: > CVE-2017-9233 > > > > 2.libxml2: > > CVE-2015-8035 > > > > 3. ntp and ntpdate RPM: > > CVE-2017-6462 > > CVE-2018-7170 > > CVE-2018-7170 > > CVE-2016-4954 > > CVE-2016-4955 > > CVE-2016-4956 > You can check the status of CVE numbers by looking at e.g. https://access.redhat.com/security/cve/cve-2017-9233 That one is listed there as "Will not fix". Substitute your other CVE numbers into the URL to check those too. Any that are listed with a section containing "Redhat Security Errata" are fixed and the publication date of the RHSA announcement listed will be when the fix was released. If it says 2018-04-10 then the fix is part of 7.5 and will be released when CentOS 7.5 is released. ETA unknown but ASAP. Trevor -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.centos.org/pipermail/centos-devel/attachments/20180412/ddb66b87/attachment-0002.html>
- Previous message: [CentOS-devel] To enquire about the expected arrival of ntp, ntpdate, expat&libxml2 rpms with CVE fix
- Next message: [CentOS-devel] CentOS Origin packages in testing for 3.7, 3.8 and 3.9
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the CentOS-devel mailing list