remediating vulnerabilities

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

remediating vulnerabilities

L2 Linker

My scanning team keeps finding vulnerabilities on Expedition and keep requesting I patch them. They all seem to be related to Linux not Expedition itself. I know that I can't upgrade the version of Ubuntu that it runs on. Suggestions? 

 

list of some of the vulnerabilities

 

Apache

CVE-2017-15715

CVE-2016-8743

CVE-2019-0211

CVE-2018-1333

CVE-2016-2161

CVE-2016-8740

CVE-2016-5387

CVE-2017-15710

CVE-2016-0736

CVE-2018-1303

CVE-2016-4979

CVE-2017-9798

CVE-2019-0217

CVE-2018-17199

 

 

18 REPLIES 18

run this on the test machine and I get this

 

expedition@Expedition:~$ sudo apt upgrade
Reading package lists... Done
Building dependency tree
Reading state information... Done
Calculating upgrade... Done
The following packages have been kept back:
libmariadbclient18 libmysqlclient18 mariadb-client mariadb-client-10.1 mariadb-client-core-10.1 mariadb-server mariadb-server-10.1 mariadb-server-core-10.1
The following packages will be upgraded:
expedition-beta
1 upgraded, 0 newly installed, 0 to remove and 8 not upgraded.
Need to get 43.7 MB of archives.
After this operation, 0 B of additional disk space will be used.
Do you want to continue? [Y/n]

 

but on my production machine I get this

expedition@Expedition:~$ sudo apt upgrade
Reading package lists... Done
Building dependency tree
Reading state information... Done
Calculating upgrade... Done
The following package was automatically installed and is no longer required:
liblua5.1-0
Use 'sudo apt autoremove' to remove it.
The following NEW packages will be installed:
libbrotli1 libjansson4 liblua5.2-0 libnghttp2-14 libssl1.1 motd-news-config
The following packages have been kept back:
libmariadbclient18 libmysqlclient18 mariadb-client mariadb-client-10.1 mariadb-client-core-10.1 mariadb-server mariadb-server-10.1 mariadb-server-core-10.1
The following packages will be upgraded:
apache2 apache2-bin apache2-data apache2-utils base-files cloud-guest-utils galera-3 grub-common grub-legacy-ec2 grub-pc grub-pc-bin grub2-common initramfs-tools initramfs-tools-bin
initramfs-tools-core libapr1 libaprutil1 libaprutil1-dbd-sqlite3 libaprutil1-ldap libfastjson-dev libfastjson4 libgeoip1 libgnutls-openssl27 libgnutls30 libpam-modules libpam-modules-bin
libpam-runtime libpam-systemd libpam0g libpython3.6-minimal libpython3.6-stdlib libsystemd0 libudev1 mariadb-common mysql-common openssh-client openssh-server openssh-sftp-server openssl
python3-distupgrade python3-gdbm python3.6 python3.6-minimal python3.7-distutils python3.7-lib2to3 rsyslog sosreport systemd systemd-sysv ubuntu-keyring ubuntu-minimal ubuntu-release-upgrader-core
ubuntu-server ubuntu-standard udev update-notifier-common
56 upgraded, 6 newly installed, 0 to remove and 8 not upgraded.
Need to get 16.1 kB/29.9 MB of archives.
After this operation, 8,466 kB of additional disk space will be used.
Do you want to continue? [Y/n] y

 

and it fails when I hit y

Hello @rodill 

 

Do you have the same repo lists on both boxes?

 

/etc/apt/sources.list.d/

test box

 

expedition@Expedition:~$ ls /etc/apt/sources.list.d/
adiscon-ubuntu-v8-stable-xenial.list

deadsnakes-ubuntu-ppa-xenial.list

ex-repo.list

jonathonf-ubuntu-python-3_6-xenial.list ondrej-ubuntu-apache2-xenial.list

rabbitmq.list.save
adiscon-ubuntu-v8-stable-xenial.list.save

deadsnakes-ubuntu-ppa-xenial.list.save

ex-repo.list.save

jonathonf-ubuntu-python-3_6-xenial.list.save r

abbitmq.list

 

prod box

 

expedition@Expedition:~$ ls /etc/apt/sources.list.d/
adiscon-ubuntu-v8-stable-xenial.list

deadsnakes-ubuntu-ppa-xenial.list.save

jonathonf-ubuntu-python-3_6-xenial.list

ondrej-ubuntu-apache2-xenial.list.save
adiscon-ubuntu-v8-stable-xenial.list.save

ex-repo.list

jonathonf-ubuntu-python-3_6-xenial.list.save

rabbitmq.list
deadsnakes-ubuntu-ppa-xenial.list

ex-repo.list.save

ondrej-ubuntu-apache2-xenial.list

rabbitmq.list.save

Hello @rodill 

 

It might be better to have a session when you have time, please reach out to fwmigrate@paloaltonetworks.com and ask for me so I can set something up.

  • 8122 Views
  • 18 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!