[SOLVED] Is Centos has solution for CVE-2017-15265?

Support for security such as Firewalls and securing linux
Post Reply
bayupermadi
Posts: 7
Joined: 2017/07/03 05:20:55
Location: Malang, Indonesia

[SOLVED] Is Centos has solution for CVE-2017-15265?

Post by bayupermadi » 2017/10/18 09:48:14

Hi,

Yesterday I've alarmed by our security department that CVE-2017-15265 vulnerability reported this week. I've tried to read the announcement in Redhat Portal but seems no solution yet for this vulnerability. I've tried also to upgrade the alsa but no new packages released.

Is there any workaround to solve the vulnerability?

Thank you for your help / answer,


Bayu Permadi
Last edited by bayupermadi on 2017/10/23 09:05:18, edited 1 time in total.

User avatar
TrevorH
Site Admin
Posts: 33202
Joined: 2009/09/24 10:40:56
Location: Brighton, UK

Re: Is Centos has solution for CVE-2017-15265?

Post by TrevorH » 2017/10/18 10:13:31

https://access.redhat.com/security/cve/CVE-2017-15265

Look at the "Mitigation" section there.
The future appears to be RHEL or Debian. I think I'm going Debian.
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke

bayupermadi
Posts: 7
Joined: 2017/07/03 05:20:55
Location: Malang, Indonesia

Re: Is Centos has solution for CVE-2017-15265?

Post by bayupermadi » 2017/10/23 09:05:05

Hi TrevorH,

Thanks for your suggestion. After I read and consider the possibility impact, I decide to remove ALSA from the server since the package did not used at our system.

Thank you

Bayu Permadi

Post Reply