Hi Thomas, On Tue, Oct 10, 2017 at 04:54:40PM -0400, Thomas Gertin wrote: > I am getting 4 high vulnerability assessments from my Common > Vulnerabilities and Exposures-1.1 rules package. They all recommend > updating my zlib package. I have updated my zlib package and it is > up-to-date with version 1.2.8. However, it still produces the same > vulnerability assessments, and I think I may need to update it > further. I have Ubuntu 14.04.5 LTS. Can anybody help on how to do > this?
First step: you should have a list of CVE identifiers for the vulnerabilities that your tooling believes exist. Look these up in Ubuntu's CVE database to see what the security team believes is the current state of those. You can find the CVE database at https://people.canonical.com/~ubuntu-security/cve/ Then, if you still have concerns, please post the specific CVEs that bother you and explain these concerns in the context of what our CVE database says our position is about them. If you are having difficulty in actually updating your system's packages, then this list is probably the wrong place for a discussion about that unless you have reason to think that there's a bug or other problem in Ubuntu in general, as opposed to just your system. Hope that helps, Robie
signature.asc
Description: PGP signature
-- Ubuntu-devel-discuss mailing list [email protected] Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
