Text only | Text with Images

Cobra Forum

Linux Specialised Support => Security => Topic started by: kalpana on Nov 03, 2023, 04:40 AM

Title: Security patches release strategy?
Post by: kalpana on Nov 03, 2023, 04:40 AM
Hello,

On my Ubuntu 20.04.6 LTS, multiple vulnerabilities with Critical status were detected by the Wazuh scanner.

For example:
https://ubuntu.com/security/CVE-2022-28734
https://ubuntu.com/security/CVE-2022-28734
https://ubuntu.com/security/CVE-2016-1585
https://nvd.nist.gov/vuln/detail/CVE-2022-48174
https://ubuntu.com/security/CVE-2016-1585

And some others.

Some of them exist for more than three months.

I have also installed RHEL 8.8, where Wazuh shows 0 Critical CVE.

Is it a normal situation for Ubuntu? I have always thought that when a critical CVE is identified, it should be patched as thoroughly and quickly as possible.
Text only | Text with Images