CentOS • Where are the security updates?

Page 1 of 1

Where are the security updates?

Posted: 2018/11/30 10:59:18

by henrythor

I am having trouble understanding why my system isn't updating. I only run one server on Centos, so I'm not super familiar with it.

I use yum-cron, and it's worked for me so far. I use a vulnerability scanner from Tenable and it started going absolutely haywire on this one machine

The following security advisories are not being addressed in the package repositories on any mirror I've tried, and I've tried about 5-6 different ones:

CESA-2018:3157 Moderate CentOS 7 curl Security Update

Code: Select all

Remote package installed : curl-7.29.0-46.el7
Should be                : curl-7.29.0-51.el7

Remote package installed : libcurl-7.29.0-46.el7
Should be                : libcurl-7.29.0-51.el7

Remote package installed : nss-pem-1.0.3-4.el7
Should be                : nss-pem-1.0.3-5.el7

CESA-2018:3059 Low CentOS 7 freeglut Security Update

Code: Select all

Remote package installed : libX11-1.6.5-1.el7
Should be                : libX11-1.6.5-2.el7

Remote package installed : libX11-common-1.6.5-1.el7
Should be                : libX11-common-1.6.5-2.el7

Remote package installed : libXfont-1.5.2-1.el7
Should be                : libXfont-1.5.4-1.el7

Remote package installed : libdrm-2.4.83-2.el7
Should be                : libdrm-2.4.91-3.el7

Remote package installed : libxcb-1.12-1.el7
Should be                : libxcb-1.13-1.el7

Remote package installed : xorg-x11-font-utils-7.5-20.el7
Should be                : xorg-x11-font-utils-7.5-21.el7

CESA-2018:3408 Important CentOS 7 git Security Update

Code: Select all

Remote package installed : git-1.8.3.1-14.el7_5
Should be                : git-1.8.3.1-20.el7

Remote package installed : perl-Git-1.8.3.1-14.el7_5
Should be                : perl-Git-1.8.3.1-20.el7

CESA-2018:3092 Moderate CentOS 7 glibc Security Update

Code: Select all

Remote package installed : glibc-2.17-222.el7
Should be                : glibc-2.17-260.el7

Remote package installed : glibc-common-2.17-222.el7
Should be                : glibc-common-2.17-260.el7

CESA-2018:3083 Important CentOS 7 kernel Security Update

Code: Select all

Remote package installed : kernel-3.10.0-862.14.4.el7
Should be                : kernel-3.10.0-957.el7

Remote package installed : kernel-tools-3.10.0-862.14.4.el7
Should be                : kernel-tools-3.10.0-957.el7

Remote package installed : kernel-tools-libs-3.10.0-862.14.4.el7
Should be                : kernel-tools-libs-3.10.0-957.el7

Remote package installed : python-perf-3.10.0-862.14.4.el7
Should be                : python-perf-3.10.0-957.el7

CESA-2018:3140 Moderate CentOS 7 xdg-desktop-portal-gtk Security Update

Code: Select all

Remote package installed : cairo-1.14.8-2.el7
Should be                : cairo-1.15.12-3.el7

Remote package installed : fontconfig-2.10.95-11.el7
Should be                : fontconfig-2.13.0-4.3.el7

Remote package installed : freetype-2.4.11-15.el7
Should be                : freetype-2.8-12.el7

Remote package installed : gdk-pixbuf2-2.36.5-1.el7
Should be                : gdk-pixbuf2-2.36.12-3.el7

Remote package installed : glib-networking-2.50.0-1.el7
Should be                : glib-networking-2.56.1-1.el7

Remote package installed : glib2-2.54.2-2.el7
Should be                : glib2-2.56.1-2.el7

Remote package installed : gobject-introspection-1.50.0-1.el7
Should be                : gobject-introspection-1.56.1-1.el7

Remote package installed : gsettings-desktop-schemas-3.24.1-2.el7_5
Should be                : gsettings-desktop-schemas-3.28.0-2.el7

Remote package installed : harfbuzz-1.3.2-1.el7
Should be                : harfbuzz-1.7.5-2.el7

Remote package installed : libcroco-0.6.11-1.el7
Should be                : libcroco-0.6.12-4.el7

Remote package installed : librsvg2-2.40.16-1.el7
Should be                : librsvg2-2.40.20-1.el7

Remote package installed : libsoup-2.56.0-6.el7
Should be                : libsoup-2.62.2-2.el7

Remote package installed : libwayland-client-1.14.0-2.el7
Should be                : libwayland-client-1.15.0-1.el7

Remote package installed : libwayland-server-1.14.0-2.el7
Should be                : libwayland-server-1.15.0-1.el7

Remote package installed : pango-1.40.4-1.el7
Should be                : pango-1.42.4-1.el7

CESA-2018:3073 Moderate CentOS 7 zsh Security Update

Code: Select all

Remote package installed : zsh-5.0.2-28.el7
Should be                : zsh-5.0.2-31.el7

CESA-2018:3032 Low CentOS 7 binutils Security Update

Code: Select all

Remote package installed : binutils-2.27-28.base.el7_5.1
Should be                : binutils-2.27-34.base.el7

CESA-2018:3324 Moderate CentOS 7 fuse Security Update

Code: Select all

Remote package installed : fuse-2.9.2-10.el7
Should be                : fuse-2.9.2-11.el7

Remote package installed : fuse-libs-2.9.2-10.el7
Should be                : fuse-libs-2.9.2-11.el7

CESA-2018:3253 Low CentOS 7 jasper Security Update

Code: Select all

Remote package installed : jasper-libs-1.900.1-31.el7
Should be                : jasper-libs-1.900.1-33.el7

CESA-2018:3071 Low CentOS 7 krb5 Security Update

Code: Select all

Remote package installed : krb5-libs-1.15.1-19.el7
Should be                : krb5-libs-1.15.1-34.el7

CESA-2018:3327 Low CentOS 7 libmspack Security Update

Code: Select all

Remote package installed : libmspack-0.5-0.5.alpha.el7
Should be                : libmspack-0.5-0.6.alpha.el7

CESA-2018:3221 Moderate CentOS 7 openssl Security Update

Code: Select all

Remote package installed : openssl-1.0.2k-12.el7
Should be                : openssl-1.0.2k-16.el7

Remote package installed : openssl-libs-1.0.2k-12.el7
Should be                : openssl-libs-1.0.2k-16.el7

CESA-2018:3041 Moderate CentOS 7 python Security Update

Code: Select all

Remote package installed : python-2.7.5-69.el7_5
Should be                : python-2.7.5-76.el7

Remote package installed : python-libs-2.7.5-69.el7_5
Should be                : python-libs-2.7.5-76.el7

CESA-2018:3249 Low CentOS 7 setup Security Update

Code: Select all

Remote package installed : setup-2.8.71-9.el7
Should be                : setup-2.8.71-10.el7

CESA-2018:3052 Moderate CentOS 7 wget Security Update

Code: Select all

Remote package installed : wget-1.14-15.el7_4.1
Should be                : wget-1.14-18.el7

CESA-2018:3107 Moderate CentOS 7 wpa_supplicant Security Update

Code: Select all

Remote package installed : wpa_supplicant-2.6-9.el7
Should be                : wpa_supplicant-2.6-12.el7

Here are the mirrors I've tried having yum use, to no avail, it reports no updates. I'll link the Packages directory so you can see the packages simply aren't there (for the newer versions):
https://centos.hysing.is/7/os/x86_64/Packages/
http://fedora.is/centos/7/os/x86_64/Packages/
https://mirror.netsite.dk/centos/7/os/x86_64/Packages/
http://mirror.nyherji.is/centos/7/os/x86_64/Packages/
http://mirror.duomenucentras.lt/centos/ ... /Packages/
http://mirror.23media.de/centos/7/os/x86_64/Packages/
http://mirror.karneval.cz/pub/centos/7/ ... /Packages/

Re: Where are the security updates?

Posted: 2018/11/30 11:05:22

by TrevorH

All those packages are part of 7.6 which has not yet been released. You can get advance access to what will be 7.6 by enabling the CR repo using, e.g. yum --enablerepo=cr update (may also need --noplugins or priority= adjusting in the repo file if you have priority assigned to base/updates already).

Re: Where are the security updates?

Posted: 2018/11/30 12:23:38

by henrythor

Thanks for that.