Centos 7.9 - Fix availability for CVE-2022-37454 CVE-2022-42898 CVE-2022-37454

Support for security such as Firewalls and securing linux
Post Reply
stefano.giacco
Posts: 1
Joined: 2022/11/30 13:54:50

Centos 7.9 - Fix availability for CVE-2022-37454 CVE-2022-42898 CVE-2022-37454

Post by stefano.giacco » 2022/11/30 14:00:51

Hello,
Is there a fix available for following security vulnerabilities?

CVE-2022-37454 CVE-2022-42898 CVE-2022-37454

I searched for a package update for Centos7.9 to fix them but with no success. Can you please advice?

Thanks,
Stefano

User avatar
TrevorH
Site Admin
Posts: 33202
Joined: 2009/09/24 10:40:56
Location: Brighton, UK

Re: Centos 7.9 - Fix availability for CVE-2022-37454 CVE-2022-42898 CVE-2022-37454

Post by TrevorH » 2022/11/30 17:27:05

https://access.redhat.com/security/cve/CVE-2022-37454 - not affected
https://access.redhat.com/security/cve/CVE-2022-42898 - krb5 update released 2 days ago for RHEL, not yet built and published for CentOS

Your third CVE number is the same as the 1st.
The future appears to be RHEL or Debian. I think I'm going Debian.
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke

User avatar
TrevorH
Site Admin
Posts: 33202
Joined: 2009/09/24 10:40:56
Location: Brighton, UK

Re: Centos 7.9 - Fix availability for CVE-2022-37454 CVE-2022-42898 CVE-2022-37454

Post by TrevorH » 2022/11/30 23:22:40

The krb5-libs updated is out.
The future appears to be RHEL or Debian. I think I'm going Debian.
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke

Post Reply