[CentOS-devel] When you will fix the CVE's affected to kernel package.

Trevor Hemsley trevor.hemsley at ntlworld.com
Fri Jul 13 06:01:16 UTC 2018


On 13/07/18 06:12, Veetil, Vyshnav wrote:
>
> Hi,
>
> Could you please let us know ,when you will fix these below CVE’s in
> kernel package.
>
> 1) CVE-2018-10940
>
> 2) CVE-2018-1120
>
As I'm pretty sure has been said before, CentOS does not fix anything.
CentOS is a rebuild of RHEL source so when Redhat fix something for
RHEL, then CentOS inherits the fix. The only changes CentOS makes to
RHEL source are those necessary to remove branding and logos.

You can see the status of any CVE from Redhat's POV by hitting, for
example, https://access.redhat.com/security/cve/CVE-2014-0224

Trevor
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.centos.org/pipermail/centos-devel/attachments/20180713/1ad7b46c/attachment.html>


More information about the CentOS-devel mailing list