Page 1 of 1

CVE-2021-33909

Posted: 2021/07/21 14:51:09
by kilian
Hi!

I see that the kernel fix for CVE-2021-33909 (kernel-3.10.0-1160.36.2.el7, https://access.redhat.com/errata/RHSA-2021:2725) is not available in CentOS updates yet. What's the typical delay for inclusion in CentOS?

Thanks.

Re: CVE-2021-33909

Posted: 2021/07/21 16:15:58
by jlehtone
I guess it depends on size of build and severity.

If we look at the previous kernel release, 3.10.0-1160.31.1.el7
* 2021-06-08 RHEL annoucement https://access.redhat.com/errata/RHSA-2021:2314
* 2021-06-14 CentOS release https://lists.centos.org/pipermail/cent ... 48337.html

Re: CVE-2021-33909

Posted: 2021/07/21 16:33:21
by TrevorH
It's building and likely to be released today/tomorrow.

Re: CVE-2021-33909

Posted: 2021/07/21 16:37:29
by kilian
Perfect, thanks!

Re: CVE-2021-33909

Posted: 2021/07/21 17:33:44
by DizzyNYC
Is there a status page on the build progress?

Re: CVE-2021-33909

Posted: 2021/07/21 18:46:39
by TrevorH
In a word, no.