CentOS Security Update for kernel (CESA-2018:3651)

Support for security such as Firewalls and securing linux
Post Reply
claysql
Posts: 3
Joined: 2016/09/30 12:58:29

CentOS Security Update for kernel (CESA-2018:3651)

Post by claysql » 2019/04/08 17:43:17

My security team ran a scan of my servers and it found that I need to install CVE-2018-14633 and CVE-2018-14646. I tried doing this via yum but it appears that this is not possible. How do I update/install CVEs?

User avatar
TrevorH
Site Admin
Posts: 33202
Joined: 2009/09/24 10:40:56
Location: Brighton, UK

Re: CentOS Security Update for kernel (CESA-2018:3651)

Post by TrevorH » 2019/04/09 03:55:05

By running yum update to update everything. There is no security related metadata in the CentOS yum repos to allow yum-plugin-security to operate.
The future appears to be RHEL or Debian. I think I'm going Debian.
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke

hunter86_bg
Posts: 2019
Joined: 2015/02/17 15:14:33
Location: Bulgaria
Contact:

Re: CentOS Security Update for kernel (CESA-2018:3651)

Post by hunter86_bg » 2019/04/09 03:58:20

You can check Red Hat's CVE-2018-14633
So , you just need to update to the latest patches and reboot.

claysql
Posts: 3
Joined: 2016/09/30 12:58:29

Re: CentOS Security Update for kernel (CESA-2018:3651)

Post by claysql » 2019/04/10 19:35:54

CentOS does not have official errata: the CentOS upstream repos do not have an UPDATEINFO.XML

So I followed the steps at http://updateinfo.cefs.steve-meier.de

sgwestrip
Posts: 2
Joined: 2016/11/17 17:07:37

Re: CentOS Security Update for kernel (CESA-2018:3651)

Post by sgwestrip » 2019/06/20 11:21:43

It is disappointing that in a world where security/data protection etc. is ever more important we still do not have UPDATEINFO.XML in the officical CentOS repos

hunter86_bg
Posts: 2019
Joined: 2015/02/17 15:14:33
Location: Bulgaria
Contact:

Re: CentOS Security Update for kernel (CESA-2018:3651)

Post by hunter86_bg » 2019/06/22 12:03:34

In such case, you can donate some of your time and provide a solution that will match the Red Hat's solution.

User avatar
TrevorH
Site Admin
Posts: 33202
Joined: 2009/09/24 10:40:56
Location: Brighton, UK

Re: CentOS Security Update for kernel (CESA-2018:3651)

Post by TrevorH » 2019/06/22 14:49:00

And in any case, since about 90% of updates that are released outside of point release times are ALL security related, just running yum update is good enough.
The future appears to be RHEL or Debian. I think I'm going Debian.
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke

Post Reply