High and Critical CVEs patched by TuxCare since EOL
CentOS 8 is now, of course, officially end of life. But if you’re still running it now, relax. You have a safe haven for CentOS 8 at TuxCare, giving you until Jan 2026 to execute and plan your migration.
We’ve been supporting older versions of Linux for years and today, over 100,000 end of life Linux nodes are getting cybersecurity updates and fixes from TuxCare.
What happened with CentOS EOL?
In December 2020, Red Hat Software, the sponsor of the CentOS community release, changed course and advised the Linux community that it will stop producing stable releases of CentOS Linux. CentOS 8 would be the last release that is 1:1 binary compatible with a Red Hat Enterprise Linux release.
Only the rolling release, CentOS Stream, would now continue to be developed by Red Hat. At the same time, Red Hat advised system administrators that CentOS 8 will reach end of life in Dec 2021 – which is years earlier than expected.
What are the consequences?
For many workloads, CentOS Stream cannot function as an enterprise Linux solution because a rolling release doesn’t give enterprise users the time to battle test new operating system versions. By cutting official support for CentOS 8 short and with no release date for a new version Red Hat put many companies in a difficult position.
Enterprise users and web hosts need to choose between a risky, rapid transition to an alternative commercial or community release such as AlmaLinux, RockyLinux, or Ubuntu – or taking unacceptable risks in running unsupported Linux systems.
Extended lifecycle support is a simple concept that buys you time to migrate to an alternative Linux distribution. It’s straightforward: as soon as a new security vulnerability is found or if bug fixes are needed, TuxCare immediately develops a patch that you can deploy across your Linux systems using traditional package management tools. We don’t wait for the vendor to release a patch. Instead, we rely on our experienced in-house developers to analyze the vulnerability, rapidly releasing a patch that’s just as effective as the official vendor patch.
TuxCare gives you exactly the same critical updates and patches you would get if you still had official vendor support, including:
Fast patch delivery that comes with an SLA guarantee for critical vulnerabilities and exposures (CVEs)
Access to 24/7 support services thanks to a ticket system, alongside technical account management
Optional rebootless service installation making sure your infrastructure remains always available
Patches produced by a team with over a decade’s experience in developing and maintaining RHEL-based derivatives
Easy to swap into place solution with full compatibility with current infrastructure
Peace of mind because your end of life CentOS 8 distribution keeps running securely
Switching extended lifecycle supportis easy as 1-2-3
It’s quick and easy to enable extended lifecycle support across your CentOS 8 fleet. All it takes is running a short script on your Linux servers, and you’re up and running with TuxCare’s end of life support for CentOS 8.
We also give you the option to run a local mirror of all the TuxCare extended lifecycle support updates, all easily done using rsync.
You can rely on TuxCare to continually update kernel, Apache, PHP, Glibc, OpenSSL, OpenSSH, and
That includes ...
Extended Lifecycle Support for major Enterprise Linux Distributions
TuxCare’s Extended Lifecycle Support is also available for other operating systems, including:
You can rely on Extended Lifecycle Support for CentOS Stream 8 to continue receiving security updates all the way through June 2028 – so that you have enough time to migrate to another Linux distribution securely.
With TuxCare’s Extended Lifecycle support, you can further lengthen the lifespan of Debian 10 by adding four more years beyond the five years offered by the Debian LTS project – ensuring security updates until June 2028.
TuxCare’s Extended Lifecycle Support gives you the same official security patches you used to get with CentOS 6, and we’ll continue to provide you with ongoing security support right through to November 2026.
CentOS 7 is going end of life in June 2024, but you can enjoy ongoing security updates through June 2029 with our Extended Lifecycle Support – buying time to plan your migration, while keeping your workload safe.
TuxCare will deliver Extended Lifecycle Support for Oracle Linux 6 until December 2024, saving you significantly on costs compared to Oracle Linux Premier Support while providing the same vulnerability coverage.
Buy yourself and your organization time to develop new production code while receiving ongoing security patches for out-of-support PHP versions with Extended Lifecycle Support to maintain the safety of your systems.
Python Extended Lifecycle Service from TuxCare breathes new life into code written for Python 2.7 so you can continue using your existing software on AlmaLinux, Rocky, or Red Hat Enterprise Linux 9 as before.
Save on costs compared to Ubuntu Pro for Ubuntu 16.04 when you choose TuxCare Extended Lifecycle Support for ongoing security maintenance, which will keep you protected for up to 4 years past the end-of-life date.
Choose TuxCare for Ubuntu 18.04 extended support and save significantly over an Ubuntu Pro subscription from Canonical, with security updates for your Ubuntu workloads lasting until April 2028.
Frequently Asked Questions
The official vendor support for CentOS 8 has now been discontinued. If you have any workloads still relying on CentOS 8 you won’t receive ongoing vendor updates. When a new vulnerability for CentOS 8 surfaces – and it will – you won’t get a fix, and your systems will be vulnerable to the resulting exploit.
However, you can sign up for TuxCare Extended Lifecycle Support (TLS) to cover you for security fixes for CentOS 8 right through to January 2026, just the same way Red Hat support would cover you, if it was still available.
Yes, but you need to find a way to ensure that you apply critical security patches. You can develop these patches in-house if your organization has the required Linux server kernel development expertise.
Your alternative is to partner with a vendor that can provide these patches for you. With TuxCare extended lifecycle support you can continue to use CentOS 8 right through to January 2026. However, you cannot continue using CentOS 8 on production systems without third-party support.
There are two parts to this answer. The CentOS project is continuing in the shape of CentOS Stream, a CentOS version that is a rolling release, continuous delivery Linux distribution that is essentially a preview of the regular RHEL stable releases issued by Red Hat.
The change lies in that there will no longer be new releases of a fixed, stable version of CentOS. With the respect to workloads that relied on binary compatibility with RHEL, CentOS 8 is now discontinued as the rolling release CentOS Stream will not be binary compatible with the latest RHEL release.
CentOS Stream is the replacement for CentOS 8. For some members of the CentOS community, CentOS Stream would be a suitable replacement for their workload, for example in some scientific or development environments or where just one or two machines are involved.
However, CentOS Stream’s rolling release nature means it’s not a replacement for many enterprise production workloads; or for web hosts who are CentOS users. And, in that sense, there is no direct replacement for CentOS 8, though alternative Linux distros include AlmaLinux, Amazon Linux, Oracle Linux, Rocky Linux, or even Ubuntu.