Hello!
My system is running on Debian 9 (Stretch) and I’m using Vuls 0.12.3. Encountered strange Vuls behavior.
First, it says that bind9 version 1:9.11.5.P4+dfsg-5.1+deb10u5 is vulnerable to CVE-2018-5740. However, Debian security tracker says the opposite.
Possible reason – that version of bind9 made for Debian 10 (Buster), but I do not sure.
Second, vuls says, that squid3 version 3.5.23-5+deb9u7 is vulnerable to CVE-2021-33620. However, Debian security tracker says the opposite.
Possible reason – that version of squid3 made for Stretch-security.
I would really appreciate any help with explanation, cause sometimes I have a huge number of false positives.
We do not support older versions of Vuls, please make sure you have the latest version of Vuls to try. Please let me know if this happens with the latest version.
Hello! My system is running on Debian 9 (Stretch) and I’m using Vuls 0.12.3. Encountered strange Vuls behavior.
First, it says that bind9 version 1:9.11.5.P4+dfsg-5.1+deb10u5 is vulnerable to CVE-2018-5740. However, Debian security tracker says the opposite. Possible reason – that version of bind9 made for Debian 10 (Buster), but I do not sure.
Second, vuls says, that squid3 version 3.5.23-5+deb9u7 is vulnerable to CVE-2021-33620. However, Debian security tracker says the opposite. Possible reason – that version of squid3 made for Stretch-security.
I would really appreciate any help with explanation, cause sometimes I have a huge number of false positives.