Resolving vulnerabilities in CentOS 7

General support questions
Post Reply
kcarew98
Posts: 1
Joined: 2020/10/08 13:55:54

Resolving vulnerabilities in CentOS 7

Post by kcarew98 » 2020/10/08 14:46:42

We're currently building our images on CentOS 7.8.2003 but upgrading to CentOS 8 is not an option. I've been trying to use yum to update some OS packages that are being flagged as vulnerabilities but the versions to update to are not available in yum in CentOS 7 (some updates are in CentOS 8 but sadly upgrading to CentOS 8 isn't an option for our company).

For example, dbus version 1.10.24-14.el7_8 is flagged as a vulnerability (CVE-2019-12749) and that I need to update it to version 1.10.24-15.el7 or above.
Doing "yum update dbus" doesn't work as 1.10.24-14.el7_8 is the latest version available to yum. I've tried manually adding a repo to a 1.12 version of dbus but it fails trying to install it as dbus needs several dependencies to be updated at the same time. I feel like going through each vulnerability manually and updating all their dependencies (and all their dependencies etc) isn't the right solution.

How can I resolve these vulnerabilities?

User avatar
TrevorH
Forum Moderator
Posts: 29681
Joined: 2009/09/24 10:40:56
Location: Brighton, UK

Re: Resolving vulnerabilities in CentOS 7

Post by TrevorH » 2020/10/08 14:56:26

Most likely these are all brand new CVEs that have just been fixed in RHEL 7.9 which came out last week. CentOS 7.9 is building now and will hit the CR repo first though there is no date for that as yet (but RSN!).
CentOS 6 will die in November 2020 - migrate sooner rather than later!
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 is dead, do not use it.
Full time Geek, part time moderator. Use the FAQ Luke

Post Reply

Return to “CentOS 7 - General Support”