[CentOS-devel] [CentOS-announce] CentOS Linux, CentOS Stream and the Boot Hole vulnerability

Mon Aug 3 15:41:01 UTC 2020
Johnny Hughes <johnny at centos.org>

On 7/29/20 1:35 PM, Leon Fauster via CentOS-devel wrote:
> Am 29.07.20 um 19:38 schrieb Brian Stinson:
>> We are aware of the Boot Hole vulnerability in grub2 (CVE-2020-1073) and
>> are working on releasing new packages for CentOS Linux 7, CentOS Linux 8
>> and CentOS Stream in response. These should make it out to a mirror near
>> you shortly.
>>
> 
> Should be ?
> CVE-2020-10713
> and
> CVE-2020-14308
> CVE-2020-14309
> CVE-2020-14310
> CVE-2020-14311
> 

We have no ability to match up CVE numbers and CentOS-8 releases .. as
modules use git commit IDs and build time stamps in the rpm names.


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 195 bytes
Desc: OpenPGP digital signature
URL: <http://lists.centos.org/pipermail/centos-devel/attachments/20200803/e71191b9/attachment-0005.sig>