Hi, Tenable is complaining that our CentOS Stream release 8 system is vulnerable because it has php 7.2.24-1.module_el8.2... and it should have php 7.4.19-1.module_el8.5 On the mirror, I can see the PHP 7.4.19-1 and 7.4.19-2 in <mirror>/centos/8-stream/Appstream/x86_64/os/packages However, dnf list is stuck at 7.2.24-1 dnf clean all didn't help. How do I get my systems to "see" the 7.4 packages? The remi repo is not a good option for my company, we'd rather use the Appstream package since it is there. Are there reasons not to upgrade? If yes, does RedHat plan to apply the security updates to 7.2? Thank you in advance for any feedback Val?re Binet
Am 07.07.22 um 17:28 schrieb Valere Binet:> Hi, > > Tenable is complaining that our CentOS Stream release 8 system is > vulnerable because it has php 7.2.24-1.module_el8.2... and it should have > php 7.4.19-1.module_el8.5 > > On the mirror, I can see the PHP 7.4.19-1 and 7.4.19-2 in > <mirror>/centos/8-stream/Appstream/x86_64/os/packages > However, dnf list is stuck at 7.2.24-1 > dnf clean all didn't help. > > How do I get my systems to "see" the 7.4 packages? The remi repo is not a > good option for my company, we'd rather use the Appstream package since it > is there. > Are there reasons not to upgrade? If yes, does RedHat plan to apply the > security updates to 7.2? > > Thank you in advance for any feedbackhttps://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/installing_managing_and_removing_user-space_components/finding-rhel-8-content_using-appstream -- Leon
dnf module reset php dnf module enable php:7.4 dnf upgrade On Thu, Jul 7, 2022 at 8:58 PM Valere Binet <valere.binet at gmail.com> wrote:> > Hi, > > Tenable is complaining that our CentOS Stream release 8 system is > vulnerable because it has php 7.2.24-1.module_el8.2... and it should have > php 7.4.19-1.module_el8.5 > > On the mirror, I can see the PHP 7.4.19-1 and 7.4.19-2 in > <mirror>/centos/8-stream/Appstream/x86_64/os/packages > However, dnf list is stuck at 7.2.24-1 > dnf clean all didn't help. > > How do I get my systems to "see" the 7.4 packages? The remi repo is not a > good option for my company, we'd rather use the Appstream package since it > is there. > Are there reasons not to upgrade? If yes, does RedHat plan to apply the > security updates to 7.2? > > Thank you in advance for any feedback > > Val?re Binet > _______________________________________________ > CentOS mailing list > CentOS at centos.org > https://lists.centos.org/mailman/listinfo/centos