Consider that vulnerability scanners are 99% of the time **unaware** of how the Ubuntu Security Team does updates.
Please compare what vulnerabilities are being reported against the corresponding CVEs on the Security Team CVE tracker (http://people.canonical.com/~ubuntu-security/cve/) and then depending on whether it's reported as fixed or not, adjust your rules for those detections. (I do this in Nessus - with individual scans of my Ubuntu infrastructure adjusted on a per-host basis so that it doesn't trigger on certain events, because it's already resolved but the scanners are unable to actually recognize it). Thomas Ubuntu Server Team Member LP: ~teward On 10/10/2017 04:54 PM, Thomas Gertin wrote: > Hello, > > I am getting 4 high vulnerability assessments from my Common > Vulnerabilities and Exposures-1.1 rules package. They all recommend > updating my zlib package. I have updated my zlib package and it is > up-to-date with version 1.2.8. However, it still produces the same > vulnerability assessments, and I think I may need to update it > further. I have Ubuntu 14.04.5 LTS. Can anybody help on how to do > this? > > Thanks, > > Tom >
-- Ubuntu-devel-discuss mailing list [email protected] Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
