View Issue Details

Jump to NotesJump to History
IDProjectCategoryView StatusDate SubmittedLast Update
0018339CentOS-7generalpublic2021-10-28 07:402021-11-18 17:19
ReporterSumitgarg44 Assigned To 
PrioritynormalSeverityminorReproducibilityhave not tried
Status newResolutionopen 
Product Version7.9.2009 
Summary0018339: No announcements of CESA, CEBA etc for October
DescriptionI see Centos7.9 has the following updated packages. However, there are no announcements of CESA, CEBA on https://lists.centos.org/pipermail/centos-announce for October because of this patching tool (such as BigFix) is not able to ship those updates.

ca-certificates-2021.2.50-72.el7_9.noarch
glibc-2.17-325.el7_9.i686
glibc-2.17-325.el7_9.x86_64
glibc-common-2.17-325.el7_9.x86_64
glibc-devel-2.17-325.el7_9.x86_64
glibc-headers-2.17-325.el7_9.x86_64
grub2-1:2.02-0.87.el7.centos.7.x86_64
grub2-common-1:2.02-0.87.el7.centos.7.noarch
grub2-pc-1:2.02-0.87.el7.centos.7.x86_64
grub2-pc-modules-1:2.02-0.87.el7.centos.7.noarch
grub2-tools-1:2.02-0.87.el7.centos.7.x86_64
grub2-tools-extra-1:2.02-0.87.el7.centos.7.x86_64
grub2-tools-minimal-1:2.02-0.87.el7.centos.7.x86_64
iscsi-initiator-utils-6.2.0.874-21.el7_9.x86_64
iscsi-initiator-utils-iscsiuio-6.2.0.874-21.el7_9.x86_64
kernel-3.10.0-1160.45.1.el7.x86_64
kernel-debug-devel-3.10.0-1160.45.1.el7.x86_64
kernel-headers-3.10.0-1160.45.1.el7.x86_64
kernel-tools-3.10.0-1160.45.1.el7.x86_64
kernel-tools-libs-3.10.0-1160.45.1.el7.x86_64
kpartx-0.4.9-135.el7_9.x86_64
nfs-utils-1:1.3.0-0.68.el7.2.x86_64
nspr-4.32.0-1.el7_9.x86_64
nss-3.67.0-3.el7_9.x86_64
nss-softokn-3.67.0-3.el7_9.x86_64
nss-softokn-freebl-3.67.0-3.el7_9.i686
nss-softokn-freebl-3.67.0-3.el7_9.x86_64
nss-sysinit-3.67.0-3.el7_9.x86_64
nss-tools-3.67.0-3.el7_9.x86_64
nss-util-3.67.0-1.el7_9.x86_64
openldap-2.4.44-24.el7_9.x86_64
openldap-clients-2.4.44-24.el7_9.x86_64
openldap-servers-2.4.44-24.el7_9.x86_64
openssl-1:1.0.2k-22.el7_9.x86_64
openssl-devel-1:1.0.2k-22.el7_9.x86_64
openssl-libs-1:1.0.2k-22.el7_9.x86_64
python-perf-3.10.0-1160.45.1.el7.x86_64
python2-rsa-3.4.2-3.el7.noarch
rpm-4.11.3-46.el7_9.x86_64
rpm-build-4.11.3-46.el7_9.x86_64
rpm-build-libs-4.11.3-46.el7_9.x86_64
rpm-libs-4.11.3-46.el7_9.x86_64
rpm-python-4.11.3-46.el7_9.x86_64
rpm-sign-4.11.3-46.el7_9.x86_64
sos-3.9-5.el7.centos.7.noarch
sudo-1.8.23-10.el7_9.2.x86_64
tzdata-2021c-1.el7.noarch
virt-what-1.18-4.el7_9.1.x86_64
libxml2-2.9.1-6.el7_9.6.x86_64
libxml2-python-2.9.1-6.el7_9.6.x86_64
TagsNo tags attached.
abrt_hash
URL

Activities

icycle

icycle

2021-11-01 20:57

reporter   ~0038699

I found this ticket while trying to find an answer to the same question by looking through CentOS web, git, and email archives but came up empty.

Is this text from the description a valid root cause or just speculation? "because of this patching tool (such as BigFix) is not able to ship those updates."

In general, is there more info somewhere on how to trace published RHSA's through CentOS ticket/test/release?
TrevorH

TrevorH

2021-11-01 21:02

manager   ~0038700

The initial reporter is reporting the fact that some CentOS security annoucement mails are missing. What uses those mails is anyone's guess but in their case they apparently use a "BigFix" tool but this is not a CentOS supplied or recommended tools (I've never heard of it before). The CentOS announce mails only have a pointer in them to the RH announcements from their errata page.
icycle

icycle

2021-11-02 18:54

reporter   ~0038701

Appreciate that info Trevor, makes more sense now.

I do want to highlight that there is an issue here though, I count 193 updated CentOS package files in the month of October in http://mirror.centos.org/centos/7/updates/x86_64/Packages/?C=M;O=D but no centos-announce (nor centos-cr-announce) emails. Like the orignal reporter, we use the CentOS mailing list as the authority for newly released CentOS7 packages.
Sumitgarg44

Sumitgarg44

2021-11-02 20:45

reporter   ~0038702

I appreciate Trevor and Icycle for adding more details to this. Issue with BigFix is not a speculation. I had to raise 2 requests earlier to get few missing announcements. Once CentOS has announcements the BigFix do publish updates associated with those announcements. I would assume if there is no another place to see latest info about released CESA or CEBA, then tools like BigFix can’t do anything. If announcements are not the correct place to look for latest CESA or CEBA then let me know the correct place please.
jrd

jrd

2021-11-09 04:12

reporter   ~0038724

There are RSS feeds at https://feeds.centos.org that might be of use. These are generated automatically and do not require human intervention to function.
Sumitgarg44

Sumitgarg44

2021-11-09 05:15

reporter   ~0038725

How this will be mapped to CESA, CEBA etc?
jrd

jrd

2021-11-09 05:26

reporter   ~0038726

In the general case ... they won't directly be mapped to any type of release. The best I can come up with off the top of my head is to look at the changelog snippets for each update and see if they contain a 'CVE' reference. This is nothing but a band-aid, if even that :(
Sumitgarg44

Sumitgarg44

2021-11-09 05:48

reporter   ~0038727

World would have been beautiful if announcements don’t require human intervention :)
icycle

icycle

2021-11-18 14:50

reporter   ~0038738

Appears to be working again, as of yesterday:
https://lists.centos.org/pipermail/centos-announce/2021-November/date.html
Sumitgarg44

Sumitgarg44

2021-11-18 17:19

reporter   ~0038739

Thank you for tracking this. Good to see this back.

Issue History

Date Modified Username Field Change
2021-10-28 07:40 Sumitgarg44 New Issue
2021-11-01 20:57 icycle Note Added: 0038699
2021-11-01 21:02 TrevorH Note Added: 0038700
2021-11-02 18:54 icycle Note Added: 0038701
2021-11-02 20:45 Sumitgarg44 Note Added: 0038702
2021-11-09 04:12 jrd Note Added: 0038724
2021-11-09 05:15 Sumitgarg44 Note Added: 0038725
2021-11-09 05:26 jrd Note Added: 0038726
2021-11-09 05:48 Sumitgarg44 Note Added: 0038727
2021-11-18 14:50 icycle Note Added: 0038738
2021-11-18 17:19 Sumitgarg44 Note Added: 0038739