How to identify if CVE affect my distro?
https:/
In the above link, there multiple packages listed for different OS variants. I've a Ubuntu 16.04 LTS running in closed network and cannot be connected to the internet.
Do i need to check for each single package and update my OS variant for each of the package individually if CVE states "released"?
And what does the following status mean and what are the actions needed for the security vulnerability?
Status | Meaning/Actions
=======
released - a fix was released, just update will do?
DNE - not in any upstream or current version, can do nothing?
ignored - vulnerability exists but ignored coz not fixing due to EOL?
pending - working on a fix, release coming soon?
needed - need assessment for a fix, as though "needs-triage"?
Any help is greatly appreciated.
Question information
- Language:
- English Edit question
- Status:
- Solved
- For:
- Ubuntu Edit question
- Assignee:
- No assignee Edit question
- Solved by:
- Manfred Hampl
- Solved:
- Last query:
- Last reply: