[CentOS] CVE-2017-5715, CVE-2017-5753 and CVE-2017-5754

Warren Young

warren at etr-usa.com
Thu Jan 4 22:41:56 UTC 2018


On Jan 4, 2018, at 12:18 PM, Walter H. <walter.h at mathemainzel.info> wrote:
> 
> will there be updates for these CVEs for CentOS 6?

Red Hat hasn’t released them all yet.  Quoting Christopher Robinson in the thread for this here:

    https://access.redhat.com/errata/RHSA-2018:0007

"We will be pushing errata out as soon as they have passed our QA team's testing. The more modern versions were easier to backport patches from upstream, and as you progress backwards the fixes change from a backporting exercise into a complete rewrite. We expect all packages for RHEL7 to be available shortly, with RHEL6 following closely behind.”

Robinson’s reply then goes into other ramifications which don’t impact CentOS for one reason or another, except insofar as CentOS’s speed in responding to this is gated in large part by Red Hat’s ability to respond.


More information about the CentOS mailing list