View Issue Details
ID | Project | Category | View Status | Date Submitted | Last Update |
---|---|---|---|---|---|
0000291 | AlmaLinux-8 | -OTHER | public | 2022-08-06 12:57 | 2022-08-09 09:30 |
Reporter | ap8 | Assigned To | |||
Priority | normal | Severity | minor | Reproducibility | always |
Status | new | Resolution | open | ||
Platform | x86_64 | OS | AlmaLinux | OS Version | 8 |
Summary | 0000291: Errata entry missing for httpd | ||||
Description | Advisory https://access.redhat.com/errata/RHSA-2022:5163 for CVE-2020-13950 is missing from AlmaLinux errata, but it is present in RockyLinux (https://errata.rockylinux.org/RLSA-2022:5163) and Oracle Linux (https://linux.oracle.com/errata/ELSA-2022-5163.html). | ||||
Steps To Reproduce | In RockyLinux: <code> [[email protected] ~]# dnf updateinfo --info --all --cve CVE-2020-13950 Last metadata expiration check: 1:23:17 ago on Sat 06 Aug 2022 11:23:52 UTC. =============================================================================== Low: httpd:2.4 security update =============================================================================== Update ID: RLSA-2022:5163 Type: security Updated: 2022-07-07 20:12:43 CVEs: CVE-2020-13950 Description: For more information visit https://errata.rockylinux.org/RLSA-2022:5163 Severity: Low Installed: true [[email protected] ~]# </code> In AlmaLimux: <code> [[email protected] ~]# dnf updateinfo --info --all --cve CVE-2020-13950 Last metadata expiration check: 1:25:21 ago on Sat 06 Aug 2022 11:20:58 UTC. [[email protected] ~]# </code> | ||||
Tags | No tags attached. | ||||
abrt_hash | |||||
URL | |||||
|
Just an observation. The output on RHEL 8 looks similar to the one on Alma: $ sudo dnf updateinfo --info --all --cve CVE-2020-13950 Updating Subscription Management repositories. Last metadata expiration check: 0:26:50 ago on Mon 08 Aug 2022 03:35:41 PM PDT. |
|
Thanks @toracat. I do not have access to a RHEL8 instance so I could not check before reporting the bug. I tried OracleLinux8 and that also behaves like AlmaLinux8 and RHEL8 (i.e. no output). Nonetheless, I assume there may be something missing in AlmaLinux because if you search for `5163` in https://errata.almalinux.org/ you get nothing, but you get the advisory if you search for the same in RockyLinux (https://errata.rockylinux.org/) and RHEL (https://access.redhat.com/errata-search/#/?q=5163&p=1&sort=portal_publication_date%20desc&rows=10&portal_advisory_type=Security%20Advisory&portal_product=Red%20Hat%20Enterprise%20Linux&portal_product_version=8) errata pages. |