Re: modules maintenance

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Am 09.08.22 um 17:03 schrieb Valere Binet:

Are the default modules receiving security update?

Security tools (Tenable) want me to update PHP to 7.4 claiming
7.2.24-1.module_el8.2.0+313+b04d0a66 has several vulnerabilities per
CESA-2021:4213, CESA-2022:1935.

Same with containers-common. Tenable wants 1.2.4-1.module_el8.6.0 rather
than 1-23.module_el8.7.0+1106+45480ee0 even though both have the same
2022-03-16 date in the repo. (CESA-2022:1793, CESA-2022:2143).

I don't find any centos-announce email mentioning the above CESA. Are the
updates for the modules published separately? Where can I find them?


If your security tool is looking for a NAME-VERSION-RELEASE of a RHEL package that is part of a module, this will always fail on a CentOS system.


CentOS mailing list

[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]

  Powered by Linux