[CentOS-devel] [CentOS-announce] CentOS Linux, CentOS Stream and the Boot Hole vulnerability

Sat Aug 8 06:36:04 UTC 2020
Jake Shipton <listmail at crazylinuxnerd.net>

2020-08-03 (月) の 10:41 -0500 に Johnny Hughes さんは書きました:
> On 7/29/20 1:35 PM, Leon Fauster via CentOS-devel wrote:
> > Am 29.07.20 um 19:38 schrieb Brian Stinson:
> > > We are aware of the Boot Hole vulnerability in grub2 (CVE-2020-
> > > 1073) and
> > > are working on releasing new packages for CentOS Linux 7, CentOS
> > > Linux 8
> > > and CentOS Stream in response. These should make it out to a
> > > mirror near
> > > you shortly.
> > > 
> > 
> > Should be ?
> > CVE-2020-10713
> > and
> > CVE-2020-14308
> > CVE-2020-14309
> > CVE-2020-14310
> > CVE-2020-14311
> > 
> 
> We have no ability to match up CVE numbers and CentOS-8 releases ..
> as
> modules use git commit IDs and build time stamps in the rpm names.
> 
> 
> _______________________________________________
> CentOS-devel mailing list
> CentOS-devel at centos.org
> https://lists.centos.org/mailman/listinfo/centos-devel

Hi,

That's understandable. But on a separate note, is there any chance of
CentOS Announce receiving update information for CentOS 8?

Currently, 6 and 7 are receiving them. However, for several months now
CentOS 8 hasn't had any update emails on that list with the exception
of minor releases or this issue.

Just wondering, because I use that list to keep up with updates :-).

Kind Regards and Stay Safe

Jake Shipton (JakeMS)