My security team ran a scan of my servers and it found that I need to install CVE-2018-14633 and CVE-2018-14646. I tried doing this via yum but it appears that this is not possible. How do I update/install CVEs?
CentOS does not have official errata: the CentOS upstream repos do not have an UPDATEINFO.XML
So I followed the steps at http://updateinfo.cefs.steve-meier.de