AWS patching manager is patching Centos ec2 Machine with patchbase line having securtiy updates until approved 4/23/2023. But my EC2 is showing non-compliant with below details.
The package sudo version 1.8.23-10.el7_9.2 was detected in YUM/DNF package manager on a machine running CentOS 7.9.2009 is vulnerable to CVE-2023-22809, which exists in versions < 0:1.8.23-10.el7_9.3.
Recommended package version is 1.8.23-10.el7_9.3 or higher which was released in January.
Does patch manager doesn't update sudo package and what is the meaning of below patch manager log output.
u'sudo.x86_64:0:1.8.23-10.el7_9.2': {u'state': u'InstalledOther', u'installedTime': 1660955207, u'id': u'sudo.x86_64'},
AWS OFFICIALAktualisiert vor einem Jahr