News:

SMF - Just Installed!

Main Menu

Security patches release strategy?

Started by kalpana, Nov 03, 2023, 04:40 AM

Previous topic - Next topic
Print
Go Down Pages1
User actions

kalpana

Nov 03, 2023, 04:40 AM
Hello,

On my Ubuntu 20.04.6 LTS, multiple vulnerabilities with Critical status were detected by the Wazuh scanner.

For example:
https://ubuntu.com/security/CVE-2022-28734
https://ubuntu.com/security/CVE-2022-28734
https://ubuntu.com/security/CVE-2016-1585
https://nvd.nist.gov/vuln/detail/CVE-2022-48174
https://ubuntu.com/security/CVE-2016-1585

And some others.

Some of them exist for more than three months.

I have also installed RHEL 8.8, where Wazuh shows 0 Critical CVE.

Is it a normal situation for Ubuntu? I have always thought that when a critical CVE is identified, it should be patched as thoroughly and quickly as possible.
Print
Go Up Pages1
User actions