Unable to install October 2020 CESA Patches

[SquareFish]

Hi all,

We're running into an issue where we've detected a number of our servers are vulnerable to the following:

CESA-2020:3952
CESA-2020:3978
CESA-2020:3901
CESA-2020:4060
CESA-2020:3916

We have run the following commands and are still not seeing these packages.

Code: Select all

sudo yum clean all | sudo rm -r /var/cache/yum | sudo yum update

However, we cannot find these updated packages at all. Additionally we've looked on the official CentOS 7 updates mirror and are still unable to find these packages. Screenshots included are for kernel-3.10.0-1160.el7, we're only seeing kernel-3.10.0-1127.x.x.el7. This is the same case for the other packages listed in the CESA advisories. The other screenshot is for our yum repos.

Additional info:

October 2020
https://lists.centos.org/pipermail/cent ... 0-October/

[tunk]

CentOS 7.9 was released earlier today, I guess the mirrors will be updated shortly.

[TrevorH]

Up until yesterday the fixes you reference were part of the CR repo for 7.8 and you could have applied them at any point in the last 3 or 4 weeks by using yum --enablerepo=cr update.

Now that 7.9 is officially out you do not need to enable the CR repo but you may need to yum clean all first to clean out old metadata for the 7.8 repos and pick up the 7.9 refresh. That would expire on its own after whatever time interval you have configured in yum.conf - default 6h.

[SquareFish]

Thanks @TrevorH , we saw the option to use the CR repos, but opted not to as we don't want any accidental complications in prod.

SInce 7.9 released we aren't seeing this issue anymore, thanks all!