Il giorno mar 2 mar 2021 alle ore 07:34 Thiago Linhares <z.linha@gmail.com> ha scritto:

Hello there,

I wonder whats the right approach to get security updates for ovirt nodes? (installed using ovirt node iso image)

Eg.:
'sudo' package has a know vulnerability until version sudo-1.8.23-9.el7.x86_64.
When trying to update this package on a ovirt node, it would not.
Checking versionlock, I confirmed it is listed there:
# grep sudo /etc/yum/pluginconf.d/versionlock.list
0:libsss_sudo-1.16.4-37.el7_8.3.x86_64
0:sudo-1.8.23-9.el7.x86_64

Looks like you are using oVirt Node 4.3. Please note oVirt 4.3 gone End Of Life when oVirt 4.4 has been released.

Please upgrade to oVirt 4.4 as soon as practical in order to get security fixes in a timely manner.

Regards,
_______________________________________________
Users mailing list -- users@ovirt.org
To unsubscribe send an email to users-leave@ovirt.org
Privacy Statement: https://www.ovirt.org/privacy-policy.html
oVirt Code of Conduct: https://www.ovirt.org/community/about/community-guidelines/
List Archives: https://lists.ovirt.org/archives/list/users@ovirt.org/message/55FB5S5UVYXMKJRGWRYMQ72OBLKHZGU3/

Sandro Bonazzola

MANAGER, SOFTWARE ENGINEERING, EMEA R&D RHV

Red Hat EMEA

sbonazzo@redhat.com

Red Hat respects your work life balance. Therefore there is no need to answer this email out of your office hours.