Centos 8 Security Advisories

Support for security such as Firewalls and securing linux
Post Reply
obaidr76
Posts: 2
Joined: 2020/09/15 10:19:05

Centos 8 Security Advisories

Post by obaidr76 » 2020/09/24 04:39:55

Is there any link for Centos 8 that we can depend on to identify security advisories? Currently, we are unable to find advisories for CentOS 8. Can we assume the CVEs applicable for RHEL 8 along with the versions would be same for CentOS 8 as well? Are there any other links that we can depend on to identify the security issues on CentOS 8?

User avatar
TrevorH
Forum Moderator
Posts: 30314
Joined: 2009/09/24 10:40:56
Location: Brighton, UK

Re: Centos 8 Security Advisories

Post by TrevorH » 2020/09/24 07:04:18

CentOS Linux 8 is a rebuild of RHEL 8 so will have all the same bugs and if it does not then it's a bug in itself.
CentOS 6 died in November 2020 - migrate to a new version!
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 is dead, do not use it.
Full time Geek, part time moderator. Use the FAQ Luke

obaidr76
Posts: 2
Joined: 2020/09/15 10:19:05

Re: Centos 8 Security Advisories

Post by obaidr76 » 2020/09/25 09:20:31

so are the fixes available to Centos8 packages for the same vulnerability or they will be vulnerable? since the affected version for Red Hat 8 shows significantly different or higher. How are we supposed to know if a certain fix corresponds to certain advisory?

secsh
Posts: 1
Joined: 2020/11/26 10:33:40

Re: Centos 8 Security Advisories

Post by secsh » 2020/11/30 08:49:25

Was there any follow up on this? Interested to see how others are dealing with Centos 8 vulnerability scans. Looks like Nessus no long supports it due to this, and I was wondering if anyone else has a working solution?

kluch
Posts: 9
Joined: 2020/05/31 05:47:54

Re: Centos 8 Security Advisories

Post by kluch » 2021/01/27 13:42:08

Tenable Nessus NEVER supported testing patch management against Centos 8 (they claim it is supported but it is not truth). There was no plugin at all dedicated for Centos 8 because there are no announcements on centos announcement-list (it is silly but I received this info from support).
The only working solution (patch management) is Uyuni/Spacewalk with CEFS (http://cefs.steve-meier.de/). It will not scan but will show vulnerabilities if you have repositories syncronized and added CEFS erratas.

Post Reply

Return to “CentOS 8 - Security Support”