In the context of trying to work around the broken yum-security plugin, I'd like to correlate the output of
Code: Select all
yum changelog updates
wget-1.14-18.el7_6.1.x86_64 updates
* Fri Apr 5 14:00:00 2019 Tomas Hozza <thozza@redhat.com> - 1.14-18.1
- Fix CVE-2019-5953 (#1696733)
* Wed May 9 14:00:00 2018 Tomas Hozza <thozza@redhat.com> - 1.14-18
- Fix CVE-2018-0494 (#1576106)
* Mon Apr 23 14:00:00 2018 Tomas Hozza <thozza@redhat.com> - 1.14-17
- Fix segfault when Digest Authentication header is missing 'qop' part (#1545310)
Code: Select all
yum info wget
Installed Packages
Name : wget
Arch : x86_64
Version : 1.14
Release : 18.el7
Size : 2.0 M
Repo : installed
From repo : base
Summary : A utility for retrieving files using the HTTP or FTP protocols
.
.
Available Packages
Name : wget
Arch : x86_64
Version : 1.14
Release : 18.el7_6.1
Size : 547 k
Repo : updates/7/x86_64
Summary : A utility for retrieving files using the HTTP or FTP protocols
.
.
Code: Select all
changelog yum info
18 18.el7
18.1 18.el7_6.1
Incidentally we note that the CVE fix has shrinked the package by nearly 75 %.