On Fri, 2017-08-25 at 19:57 +0800, 知乎申诉处理 wrote: > I've been dubbing with security vulnerabilities and their fix for a > while, recently I stumbled upon this CVE-2017-5335. > > In redhat official notice board :https://access.redhat.com/security/c > ve/cve-2017-5335 we can see there is a link point to advisory for > CentOS7.x: https://access.redhat.com/errata/RHSA-2017:2292 . from > there we can see that the fix happens at gnutls 3.3.26. > > But when trying to update from commandline, there is no 3.3.26 > available for CentOS 7.x. this can be verified using rpm finder: ht > tps://www.rpmfind.net/linux/rpm2html/search.php?query=gnutls > Only available rpm for CentOS 7.x is 3.3.24.
The RHEL advisories apply to RHEL. CentOS typically follows up, but it has its own release cycle. You'd better check with centos project on the details. regards, Nikos _______________________________________________ Gnutls-help mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnutls-help
