Where are the security updates?

Support for security such as Firewalls and securing linux
Post Reply
henrythor
Posts: 2
Joined: 2018/11/30 10:19:29

Where are the security updates?

Post by henrythor » 2018/11/30 10:59:18

I am having trouble understanding why my system isn't updating. I only run one server on Centos, so I'm not super familiar with it.

I use yum-cron, and it's worked for me so far. I use a vulnerability scanner from Tenable and it started going absolutely haywire on this one machine

The following security advisories are not being addressed in the package repositories on any mirror I've tried, and I've tried about 5-6 different ones:

CESA-2018:3157 Moderate CentOS 7 curl Security Update

Code: Select all

Remote package installed : curl-7.29.0-46.el7
Should be                : curl-7.29.0-51.el7

Remote package installed : libcurl-7.29.0-46.el7
Should be                : libcurl-7.29.0-51.el7

Remote package installed : nss-pem-1.0.3-4.el7
Should be                : nss-pem-1.0.3-5.el7
CESA-2018:3059 Low CentOS 7 freeglut Security Update

Code: Select all

Remote package installed : libX11-1.6.5-1.el7
Should be                : libX11-1.6.5-2.el7

Remote package installed : libX11-common-1.6.5-1.el7
Should be                : libX11-common-1.6.5-2.el7

Remote package installed : libXfont-1.5.2-1.el7
Should be                : libXfont-1.5.4-1.el7

Remote package installed : libdrm-2.4.83-2.el7
Should be                : libdrm-2.4.91-3.el7

Remote package installed : libxcb-1.12-1.el7
Should be                : libxcb-1.13-1.el7

Remote package installed : xorg-x11-font-utils-7.5-20.el7
Should be                : xorg-x11-font-utils-7.5-21.el7
CESA-2018:3408 Important CentOS 7 git Security Update

Code: Select all

Remote package installed : git-1.8.3.1-14.el7_5
Should be                : git-1.8.3.1-20.el7

Remote package installed : perl-Git-1.8.3.1-14.el7_5
Should be                : perl-Git-1.8.3.1-20.el7
CESA-2018:3092 Moderate CentOS 7 glibc Security Update

Code: Select all

Remote package installed : glibc-2.17-222.el7
Should be                : glibc-2.17-260.el7

Remote package installed : glibc-common-2.17-222.el7
Should be                : glibc-common-2.17-260.el7
CESA-2018:3083 Important CentOS 7 kernel Security Update

Code: Select all

Remote package installed : kernel-3.10.0-862.14.4.el7
Should be                : kernel-3.10.0-957.el7

Remote package installed : kernel-tools-3.10.0-862.14.4.el7
Should be                : kernel-tools-3.10.0-957.el7

Remote package installed : kernel-tools-libs-3.10.0-862.14.4.el7
Should be                : kernel-tools-libs-3.10.0-957.el7

Remote package installed : python-perf-3.10.0-862.14.4.el7
Should be                : python-perf-3.10.0-957.el7
CESA-2018:3140 Moderate CentOS 7 xdg-desktop-portal-gtk Security Update

Code: Select all

Remote package installed : cairo-1.14.8-2.el7
Should be                : cairo-1.15.12-3.el7

Remote package installed : fontconfig-2.10.95-11.el7
Should be                : fontconfig-2.13.0-4.3.el7

Remote package installed : freetype-2.4.11-15.el7
Should be                : freetype-2.8-12.el7

Remote package installed : gdk-pixbuf2-2.36.5-1.el7
Should be                : gdk-pixbuf2-2.36.12-3.el7

Remote package installed : glib-networking-2.50.0-1.el7
Should be                : glib-networking-2.56.1-1.el7

Remote package installed : glib2-2.54.2-2.el7
Should be                : glib2-2.56.1-2.el7

Remote package installed : gobject-introspection-1.50.0-1.el7
Should be                : gobject-introspection-1.56.1-1.el7

Remote package installed : gsettings-desktop-schemas-3.24.1-2.el7_5
Should be                : gsettings-desktop-schemas-3.28.0-2.el7

Remote package installed : harfbuzz-1.3.2-1.el7
Should be                : harfbuzz-1.7.5-2.el7

Remote package installed : libcroco-0.6.11-1.el7
Should be                : libcroco-0.6.12-4.el7

Remote package installed : librsvg2-2.40.16-1.el7
Should be                : librsvg2-2.40.20-1.el7

Remote package installed : libsoup-2.56.0-6.el7
Should be                : libsoup-2.62.2-2.el7

Remote package installed : libwayland-client-1.14.0-2.el7
Should be                : libwayland-client-1.15.0-1.el7

Remote package installed : libwayland-server-1.14.0-2.el7
Should be                : libwayland-server-1.15.0-1.el7

Remote package installed : pango-1.40.4-1.el7
Should be                : pango-1.42.4-1.el7
CESA-2018:3073 Moderate CentOS 7 zsh Security Update

Code: Select all

Remote package installed : zsh-5.0.2-28.el7
Should be                : zsh-5.0.2-31.el7
CESA-2018:3032 Low CentOS 7 binutils Security Update

Code: Select all

Remote package installed : binutils-2.27-28.base.el7_5.1
Should be                : binutils-2.27-34.base.el7
CESA-2018:3324 Moderate CentOS 7 fuse Security Update

Code: Select all

Remote package installed : fuse-2.9.2-10.el7
Should be                : fuse-2.9.2-11.el7

Remote package installed : fuse-libs-2.9.2-10.el7
Should be                : fuse-libs-2.9.2-11.el7
CESA-2018:3253 Low CentOS 7 jasper Security Update

Code: Select all

Remote package installed : jasper-libs-1.900.1-31.el7
Should be                : jasper-libs-1.900.1-33.el7
CESA-2018:3071 Low CentOS 7 krb5 Security Update

Code: Select all

Remote package installed : krb5-libs-1.15.1-19.el7
Should be                : krb5-libs-1.15.1-34.el7
CESA-2018:3327 Low CentOS 7 libmspack Security Update

Code: Select all

Remote package installed : libmspack-0.5-0.5.alpha.el7
Should be                : libmspack-0.5-0.6.alpha.el7
CESA-2018:3221 Moderate CentOS 7 openssl Security Update

Code: Select all

Remote package installed : openssl-1.0.2k-12.el7
Should be                : openssl-1.0.2k-16.el7

Remote package installed : openssl-libs-1.0.2k-12.el7
Should be                : openssl-libs-1.0.2k-16.el7
CESA-2018:3041 Moderate CentOS 7 python Security Update

Code: Select all

Remote package installed : python-2.7.5-69.el7_5
Should be                : python-2.7.5-76.el7

Remote package installed : python-libs-2.7.5-69.el7_5
Should be                : python-libs-2.7.5-76.el7
CESA-2018:3249 Low CentOS 7 setup Security Update

Code: Select all

Remote package installed : setup-2.8.71-9.el7
Should be                : setup-2.8.71-10.el7
CESA-2018:3052 Moderate CentOS 7 wget Security Update

Code: Select all

Remote package installed : wget-1.14-15.el7_4.1
Should be                : wget-1.14-18.el7
CESA-2018:3107 Moderate CentOS 7 wpa_supplicant Security Update

Code: Select all

Remote package installed : wpa_supplicant-2.6-9.el7
Should be                : wpa_supplicant-2.6-12.el7
Here are the mirrors I've tried having yum use, to no avail, it reports no updates. I'll link the Packages directory so you can see the packages simply aren't there (for the newer versions):
https://centos.hysing.is/7/os/x86_64/Packages/
http://fedora.is/centos/7/os/x86_64/Packages/
https://mirror.netsite.dk/centos/7/os/x86_64/Packages/
http://mirror.nyherji.is/centos/7/os/x86_64/Packages/
http://mirror.duomenucentras.lt/centos/ ... /Packages/
http://mirror.23media.de/centos/7/os/x86_64/Packages/
http://mirror.karneval.cz/pub/centos/7/ ... /Packages/

User avatar
TrevorH
Site Admin
Posts: 33202
Joined: 2009/09/24 10:40:56
Location: Brighton, UK

Re: Where are the security updates?

Post by TrevorH » 2018/11/30 11:05:22

All those packages are part of 7.6 which has not yet been released. You can get advance access to what will be 7.6 by enabling the CR repo using, e.g. yum --enablerepo=cr update (may also need --noplugins or priority= adjusting in the repo file if you have priority assigned to base/updates already).
The future appears to be RHEL or Debian. I think I'm going Debian.
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke

henrythor
Posts: 2
Joined: 2018/11/30 10:19:29

Re: Where are the security updates?

Post by henrythor » 2018/11/30 12:23:38

Thanks for that. :)

Post Reply