Centos 8 Security Advisories

Support for security such as Firewalls and securing linux
Post Reply
obaidr76
Posts: 2
Joined: 2020/09/15 10:19:05

Centos 8 Security Advisories

Post by obaidr76 » 2020/09/24 04:39:55

Is there any link for Centos 8 that we can depend on to identify security advisories? Currently, we are unable to find advisories for CentOS 8. Can we assume the CVEs applicable for RHEL 8 along with the versions would be same for CentOS 8 as well? Are there any other links that we can depend on to identify the security issues on CentOS 8?

User avatar
TrevorH
Site Admin
Posts: 33191
Joined: 2009/09/24 10:40:56
Location: Brighton, UK

Re: Centos 8 Security Advisories

Post by TrevorH » 2020/09/24 07:04:18

CentOS Linux 8 is a rebuild of RHEL 8 so will have all the same bugs and if it does not then it's a bug in itself.
The future appears to be RHEL or Debian. I think I'm going Debian.
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke

obaidr76
Posts: 2
Joined: 2020/09/15 10:19:05

Re: Centos 8 Security Advisories

Post by obaidr76 » 2020/09/25 09:20:31

so are the fixes available to Centos8 packages for the same vulnerability or they will be vulnerable? since the affected version for Red Hat 8 shows significantly different or higher. How are we supposed to know if a certain fix corresponds to certain advisory?

secsh
Posts: 1
Joined: 2020/11/26 10:33:40

Re: Centos 8 Security Advisories

Post by secsh » 2020/11/30 08:49:25

Was there any follow up on this? Interested to see how others are dealing with Centos 8 vulnerability scans. Looks like Nessus no long supports it due to this, and I was wondering if anyone else has a working solution?

kluch
Posts: 10
Joined: 2020/05/31 05:47:54

Re: Centos 8 Security Advisories

Post by kluch » 2021/01/27 13:42:08

Tenable Nessus NEVER supported testing patch management against Centos 8 (they claim it is supported but it is not truth). There was no plugin at all dedicated for Centos 8 because there are no announcements on centos announcement-list (it is silly but I received this info from support).
The only working solution (patch management) is Uyuni/Spacewalk with CEFS (http://cefs.steve-meier.de/). It will not scan but will show vulnerabilities if you have repositories syncronized and added CEFS erratas.

eddyresnick
Posts: 1
Joined: 2021/05/18 07:57:23

Re: Centos 8 Security Advisories

Post by eddyresnick » 2021/05/18 08:14:18

I understood that CentOS 8 was being officially supported in the same process as previous CentOS releases until the end of the calendar year 2021. Yet there does not seem to be any security patch announcements for CentOS 8 even though there have been ones announced for RHEL 8.
Can we get an official response as to how to get CentOS 8 security patch announcements please?
Sincerely.
Eddy

User avatar
TrevorH
Site Admin
Posts: 33191
Joined: 2009/09/24 10:40:56
Location: Brighton, UK

Re: Centos 8 Security Advisories

Post by TrevorH » 2021/05/18 10:26:03

For an "official" response, you're in the wrong place. This forum is entirely staffed by volunteers who have about as much knowledge as you do about what goes on.

Last I saw the answer was something along the lines of : Red Hat changed the way security announcements are made and the existing scripting does not work with the changes so there won't be any CentOS 8 security mails.
The future appears to be RHEL or Debian. I think I'm going Debian.
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke

Post Reply