canonical / sec-cvescan

Analyzes an Ubuntu system and checks for unpatched vulnerabilities.
GNU General Public License v3.0
87 stars 31 forks

epoch number might be causing inaccurate results #78

Open danielwangksu opened 3 years ago

danielwangksu commented 3 years ago

I have uno-libs3 installed:

Package: uno-libs3
Version: 6.0.7-0ubuntu0.18.04.10
Priority: optional
Section: libs
Source: libreoffice (1:6.0.7-0ubuntu0.18.04.10)
Origin: Ubuntu

cve-scan still reports vulnerabilities:

CVE-2019-9848   medium      uno-libs3                       1:6.0.7-0ubuntu0.18.04.8         Ubuntu Archive
CVE-2019-9848   medium      ure                             1:6.0.7-0ubuntu0.18.04.8         Ubuntu Archive
CVE-2019-9849   medium      uno-libs3                       1:6.0.7-0ubuntu0.18.04.8         Ubuntu Archive
CVE-2019-9849   medium      ure                             1:6.0.7-0ubuntu0.18.04.8         Ubuntu Archive
CVE-2019-9850   medium      uno-libs3                       1:6.0.7-0ubuntu0.18.04.9         Ubuntu Archive
CVE-2019-9850   medium      ure                             1:6.0.7-0ubuntu0.18.04.9         Ubuntu Archive
CVE-2019-9851   medium      uno-libs3                       1:6.0.7-0ubuntu0.18.04.9         Ubuntu Archive
CVE-2019-9851   medium      ure                             1:6.0.7-0ubuntu0.18.04.9         Ubuntu Archive
CVE-2019-9852   medium      uno-libs3                       1:6.0.7-0ubuntu0.18.04.9         Ubuntu Archive
CVE-2019-9852   medium      ure                             1:6.0.7-0ubuntu0.18.04.9         Ubuntu Archive
CVE-2019-9853   medium      uno-libs3                       1:6.0.7-0ubuntu0.18.04.9         Ubuntu Archive
CVE-2019-9853   medium      ure                             1:6.0.7-0ubuntu0.18.04.9         Ubuntu Archive
CVE-2019-9854   medium      uno-libs3                       1:6.0.7-0ubuntu0.18.04.10        Ubuntu Archive
CVE-2019-9854   medium      ure                             1:6.0.7-0ubuntu0.18.04.10        Ubuntu Archive

I think this is because dpkg does not include the epoch number for some packages.

dpkg -l | grep uno-libs3
ii  uno-libs3                                  6.0.7-0ubuntu0.18.04.10                          amd64        LibreOffice UNO runtime environment -- public shared libraries