Hi,
hope, this is the right place for the question - and maybe it's a stupid beginner question...
Ubuntu Pro comes with "Reduce your average CVE exposure time from 98 days to 1 day with expanded CVE patching". Therefore I got Ubuntu Pro for 22.04 LTS.
BUT (just examples)
- vim is included in version 8.2.3995. This version has some CVEs (e.g. CVE-2022-2182 or CVE-2022-286 and some more). Version 9.0 was released in June 2022 and fixes these CVEs.
- gradle is included in version 4.4.1. - released in 2017. Newest version is 8.1.1.
Is there a reason why these versions are not updated, even with Ubuntu Pro?
(Of course, there are more examples.)
Thanks a lot!
Andreas