For details on cookie usage on our site, read our Privacy Policy
remediating vulnerabilities
- LIVEcommunity
- Tools
- Expedition
- Expedition Discussions
- remediating vulnerabilities
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Printer Friendly Page
remediating vulnerabilities
- Mark as New
- Subscribe to RSS Feed
- Permalink
03-04-2021 06:41 AM
My scanning team keeps finding vulnerabilities on Expedition and keep requesting I patch them. They all seem to be related to Linux not Expedition itself. I know that I can't upgrade the version of Ubuntu that it runs on. Suggestions?
list of some of the vulnerabilities
Apache
CVE-2017-15715
CVE-2016-8743
CVE-2019-0211
CVE-2018-1333
CVE-2016-2161
CVE-2016-8740
CVE-2016-5387
CVE-2017-15710
CVE-2016-0736
CVE-2018-1303
CVE-2016-4979
CVE-2017-9798
CVE-2019-0217
CVE-2018-17199
- Mark as New
- Subscribe to RSS Feed
- Permalink
03-04-2021 02:45 PM
Ign:30 http://ppa.launchpad.net/jonathonf/python-3.6/ubuntu xenial/main Translation-en.diff/Index
Ign:17 https://www.rabbitmq.com/debian testing/main amd64 Packages
Ign:23 https://conversionupdates.paloaltonetworks.com expedition-updates/ Translation-en
Ign:31 http://ppa.launchpad.net/jonathonf/python-3.6/ubuntu xenial/main amd64 Packages
Ign:18 https://www.rabbitmq.com/debian testing/main i386 Packages
Ign:12 https://www.rabbitmq.com/debian testing/main all Packages
Ign:25 https://conversionupdates.paloaltonetworks.com expedition-updates/ Packages
Ign:32 http://ppa.launchpad.net/jonathonf/python-3.6/ubuntu xenial/main i386 Packages
Ign:13 https://www.rabbitmq.com/debian testing/main Translation-en_US
Ign:21 https://conversionupdates.paloaltonetworks.com expedition-updates/ Translation-en_US
Ign:14 https://www.rabbitmq.com/debian testing/main Translation-en
Ign:28 http://ppa.launchpad.net/jonathonf/python-3.6/ubuntu xenial/main all Packages
Ign:17 https://www.rabbitmq.com/debian testing/main amd64 Packages
Ign:18 https://www.rabbitmq.com/debian testing/main i386 Packages
Ign:23 https://conversionupdates.paloaltonetworks.com expedition-updates/ Translation-en
Ign:29 http://ppa.launchpad.net/jonathonf/python-3.6/ubuntu xenial/main Translation-en_US
Ign:12 https://www.rabbitmq.com/debian testing/main all Packages
Ign:13 https://www.rabbitmq.com/debian testing/main Translation-en_US
Hit:25 https://conversionupdates.paloaltonetworks.com expedition-updates/ Packages
Ign:33 http://ppa.launchpad.net/jonathonf/python-3.6/ubuntu xenial/main Translation-en
Ign:14 https://www.rabbitmq.com/debian testing/main Translation-en
Ign:17 https://www.rabbitmq.com/debian testing/main amd64 Packages
Ign:21 https://conversionupdates.paloaltonetworks.com expedition-updates/ Translation-en_US
Ign:31 http://ppa.launchpad.net/jonathonf/python-3.6/ubuntu xenial/main amd64 Packages
Ign:18 https://www.rabbitmq.com/debian testing/main i386 Packages
Ign:32 http://ppa.launchpad.net/jonathonf/python-3.6/ubuntu xenial/main i386 Packages
Ign:12 https://www.rabbitmq.com/debian testing/main all Packages
Ign:23 https://conversionupdates.paloaltonetworks.com expedition-updates/ Translation-en
Ign:13 https://www.rabbitmq.com/debian testing/main Translation-en_US
Ign:28 http://ppa.launchpad.net/jonathonf/python-3.6/ubuntu xenial/main all Packages
Ign:21 https://conversionupdates.paloaltonetworks.com expedition-updates/ Translation-en_US
Ign:14 https://www.rabbitmq.com/debian testing/main Translation-en
Err:17 https://www.rabbitmq.com/debian testing/main amd64 Packages
404 OK
- Mark as New
- Subscribe to RSS Feed
- Permalink
03-04-2021 02:46 PM
404 OK
Ign:29 http://ppa.launchpad.net/jonathonf/python-3.6/ubuntu xenial/main Translation-en_US
Ign:23 https://conversionupdates.paloaltonetworks.com expedition-updates/ Translation-en
Ign:18 https://www.rabbitmq.com/debian testing/main i386 Packages
Ign:33 http://ppa.launchpad.net/jonathonf/python-3.6/ubuntu xenial/main Translation-en
Ign:31 http://ppa.launchpad.net/jonathonf/python-3.6/ubuntu xenial/main amd64 Packages
Ign:32 http://ppa.launchpad.net/jonathonf/python-3.6/ubuntu xenial/main i386 Packages
Ign:28 http://ppa.launchpad.net/jonathonf/python-3.6/ubuntu xenial/main all Packages
Ign:29 http://ppa.launchpad.net/jonathonf/python-3.6/ubuntu xenial/main Translation-en_US
Ign:33 http://ppa.launchpad.net/jonathonf/python-3.6/ubuntu xenial/main Translation-en
Ign:31 http://ppa.launchpad.net/jonathonf/python-3.6/ubuntu xenial/main amd64 Packages
Ign:32 http://ppa.launchpad.net/jonathonf/python-3.6/ubuntu xenial/main i386 Packages
Ign:28 http://ppa.launchpad.net/jonathonf/python-3.6/ubuntu xenial/main all Packages
Ign:29 http://ppa.launchpad.net/jonathonf/python-3.6/ubuntu xenial/main Translation-en_US
Ign:33 http://ppa.launchpad.net/jonathonf/python-3.6/ubuntu xenial/main Translation-en
Ign:31 http://ppa.launchpad.net/jonathonf/python-3.6/ubuntu xenial/main amd64 Packages
Ign:32 http://ppa.launchpad.net/jonathonf/python-3.6/ubuntu xenial/main i386 Packages
Ign:28 http://ppa.launchpad.net/jonathonf/python-3.6/ubuntu xenial/main all Packages
Ign:29 http://ppa.launchpad.net/jonathonf/python-3.6/ubuntu xenial/main Translation-en_US
Ign:33 http://ppa.launchpad.net/jonathonf/python-3.6/ubuntu xenial/main Translation-en
Err:31 http://ppa.launchpad.net/jonathonf/python-3.6/ubuntu xenial/main amd64 Packages
403 Forbidden [IP: 91.189.95.85 80]
Ign:32 http://ppa.launchpad.net/jonathonf/python-3.6/ubuntu xenial/main i386 Packages
Ign:33 http://ppa.launchpad.net/jonathonf/python-3.6/ubuntu xenial/main Translation-en
Fetched 349 kB in 8s (41.8 kB/s)
Reading package lists...
W: The repository 'http://www.rabbitmq.com/debian testing Release' does not have a Release file.
W: The repository 'https://conversionupdates.paloaltonetworks.com expedition-updates/ Release' does not have a Release file.
W: The repository 'http://ppa.launchpad.net/jonathonf/python-3.6/ubuntu xenial Release' does not have a Release file.
E: Failed to fetch https://www.rabbitmq.com/debian/dists/testing/main/binary-amd64/Packages 404 OK
E: Failed to fetch http://ppa.launchpad.net/jonathonf/python-3.6/ubuntu/dists/xenial/main/binary-amd64/Packages 403 Forbidden [IP: 91.189.95.85 80]
E: Some index files failed to download. They have been ignored, or old ones used instead.
- Mark as New
- Subscribe to RSS Feed
- Permalink
03-04-2021 02:47 PM
tried to get it all in there, was too big to post
- Mark as New
- Subscribe to RSS Feed
- Permalink
03-04-2021 03:26 PM
Hello @rodill
That may not mean anything as there is no release file from the repo, are you facing any errors after doing all of that? Please keep in mind since you upgraded ubuntu 16.04 it may cause problems with the expedition server and if that happens you will need to reinstall expedition on a fresh ubuntu 16.04.
- Mark as New
- Subscribe to RSS Feed
- Permalink
03-04-2021 03:33 PM
I haven't update the OS, this is how it came out of the box from palo
Welcome to Ubuntu 16.04.6 LTS (GNU/Linux 4.4.0-203-generic x86_64)
* Documentation: https://help.ubuntu.com
* Management: https://landscape.canonical.com
* Support: https://ubuntu.com/advantage
* Introducing self-healing high availability clusters in MicroK8s.
Simple, hardened, Kubernetes for production, from RaspberryPi to DC.
https://microk8s.io/high-availability
62 packages can be updated.
2 updates are security updates.
New release '18.04.5 LTS' available.
Run 'do-release-upgrade' to upgrade to it.
it matches what we have on the test box
Welcome to Ubuntu 16.04.6 LTS (GNU/Linux 4.4.0-203-generic x86_64)
* Documentation: https://help.ubuntu.com
* Management: https://landscape.canonical.com
* Support: https://ubuntu.com/advantage
* Introducing self-healing high availability clusters in MicroK8s.
Simple, hardened, Kubernetes for production, from RaspberryPi to DC.
https://microk8s.io/high-availability
46 packages can be updated.
0 updates are security updates.
New release '18.04.5 LTS' available.
Run 'do-release-upgrade' to upgrade to it.
- Guidance for OpenSSL Vulnerability Disclosures (02/07/23) in Expedition Articles
- How to address CVE-2022-37026 vulnerability in Expedition in Expedition Articles
- How to remediate "Verify that Python Software Dependencies have been installed" Error on Dashboard in Expedition Articles
- Remediation for BPA in Expedition Discussions
- Vulnerability Name: 11213:HTTP TRACE / TRACK Methods Allowed in Expedition Discussions
Show your appreciation!
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
