Tweet
a while back there i asked about vulnerability paches being listed in the kernel changelog. At the time cloudlinux was not getting the vulnerability CVE number in the change log for easy look up. At that time, it was suggested this was going to be fixed and changed. Has this been addressed? Are we able to use a changelog grep for CVE paches yet?
now specifically, one PCI scanner looking at my server is listing this old vulnerability CVE-2012-1146
rpm -q --changelog kernel-2.6.32-531.29.2.lve1.3.11.1.el6.x86_64 | grep CVE-2012-1146
doesnt show it patched.
googling: cve-2012-1146 site:cloudlinux.com
doesnt show it addressed.
how do I demonstrate to the PCI scan service that this has been addressed on the servers?
now specifically, one PCI scanner looking at my server is listing this old vulnerability CVE-2012-1146
rpm -q --changelog kernel-2.6.32-531.29.2.lve1.3.11.1.el6.x86_64 | grep CVE-2012-1146
doesnt show it patched.
googling: cve-2012-1146 site:cloudlinux.com
doesnt show it addressed.
how do I demonstrate to the PCI scan service that this has been addressed on the servers?
Comment