While a Centos Linux server version is still supported, its application security updates is provided by the distro and its related repository. Application security updates are maintained by most large projects such as Apache HTTPD 2.4 and Supervisor.
Side note, there is a nice article on use of CentOS Stream at crunchtools.
Few things that can be done.
Identify the installed Centos.
uname -r
cat /etc/redhat-release
View latest security advisory CVEs.
yum updateinfo list cves
sudo dnf updateinfo list security
sudo dnf list-security
If above information doesn't show any applications, then there are no security related updates. General updates is viewed with
sudo dnf updateinfo list
Check update for HTTPD. As shown below, there is an available package for update, but no CVE is ragged..
dnf check-update httpd
dnf info httpd
In this next example, there is a CVE tagged to the update.
dnf check-update supervisor
dnf info supervisor
rpm -q --changelog httpd
rpm -q --changelog supervisor
The said changes can then be updated
sudo dnf update supervisor
No comments:
Post a Comment