I am running the Graylog Ubuntu20.04 appliance (fully patched).
We recently ran nessus against it, and have a number of CVE’s coming up. I ran a apt-get update and apt-get upgrade, and re-ran the scan but the vulnerabilities still show.
The version of Nginx installed is 1.14.0. If I query the ubuntu 20.04 repos form a different box, the nginx version available is 1.18.0.
Can someone provide me a way to get that set of packages updated?
I am so incredibly stupid.
I was assuming the OS version was 20.04, but it is NOT. I guess that explains things.
Ubuntu 18.04 latest version is 1.14.0 (which is of course what it is running).
Nessus is showing us a false positive (ubuntu security documentation page says it is patched in this version)
Sorry for the waste of time!
You found the solution though - mark it as an answer in case someone searches for the same question - it may help jostle them to a solution!
This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.