-
Notifications
You must be signed in to change notification settings - Fork 30
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
grub related packages reported as vulnerable without a means to fix #81
Comments
Hi - Same issue on 20.04... ~$ apt-cache madison grub-common grub-pc ~$ sudo cvescan -p all CVE ID PRIORITY PACKAGE FIXED VERSION REPOSITORY Summary Ubuntu Release focal ~$ sudo apt-get update ~$ sudo apt-get upgrade |
Looks like its broken in here: https://people.canonical.com/~ubuntu-security/cvescan/ubuntu-vuln-db-focal.json.bz2 |
cvescan
is reporting the following packages as vulnerable to several CVEs:grub-common
,grub-pc
,grub-pc-bin
,grub2-common
. It recommends upgrading each to version2.04-1ubuntu44.1.2
but no such version exists for those packages.Full example reproducing what I'm seeing (in a docker container with
docker run --rm -it ubuntu:18.04 /bin/bash
):The text was updated successfully, but these errors were encountered: