RE : AWS Inspector Shows Critical Updates Pending But Instance Says Otherwise

0

Hi Team,

Instance ID - i-0e5934adddc2d8372

I've updated all the packages (See Libcurl-2.png).

But the Inspector still shows critical updates are pending on my instance (See Libcurl-1.png)

Requesting help in investigating this.

Eg :

This is what Inspector Shows For The Instance :

Affected packages

Name: libcurl
Installed version / Fixed version: 0:7.79.1-4.amzn2.0.1.X86_64 / 0:7.79.1-6.amzn2.0.1
Package manager: OS

Name: curl
Installed version / Fixed version: 0:7.79.1-4.amzn2.0.1.X86_64 / 0:7.79.1-6.amzn2.0.1
Package manager: OS

This is what the instance shows when trying to remediate (i.e. update the package -> it says it's already updated):

sh-4.2$ sudo yum update libcurl
Loaded plugins: extras_suggestions, langpacks, priorities, update-motd
amzn2-core | 3.7 kB 00:00:00
No packages marked for update
sh-4.2$

1 Answer
0

Hey there, there can be a couple of reasons for this.

  1. The repositories that yum update is using to update the packages don't have the latest patches/packages available.
  2. Some of the repositories which could have potential fixes available are in a disabled state on your system, or your instance doesn't have the required access/permissions to connect to the base URL of those repos.
  3. Packages to fix these vulnerabilities have not been released yet.

Thanks, Yogesh Aggarwal

AWS
Yogesh
answered a year ago
  • Hi there, checking in to see if you were able to try the possibilities I shared earlier. If you found the answer helpful, please accept the answer.

    Thanks, Yogesh Aggarwal
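The check implied by the answer above, as an added example that is not part of the original thread or any AWS tooling: compare the finding's installed and fixed versions, then see whether any enabled repository actually offers a build at or above the fixed one. The `yum --showduplicates list` output is a constructed sample, the function names and return labels are hypothetical, and the version comparison is a simplified form of rpm's ordering.

```python
import re

# Constructed sample of `yum --showduplicates list libcurl` output; the versions
# come from the question, the list of available builds is an assumption.
SAMPLE_YUM_OUTPUT = """\
Installed Packages
libcurl.x86_64    7.79.1-4.amzn2.0.1    @amzn2-core
Available Packages
libcurl.x86_64    7.79.1-2.amzn2.0.1    amzn2-core
libcurl.x86_64    7.79.1-4.amzn2.0.1    amzn2-core
"""

def split_evr(evr):
    """Split '0:7.79.1-4.amzn2.0.1.X86_64' into (epoch, version, release), dropping the arch."""
    evr = re.sub(r"\.(x86_64|aarch64|noarch|i686)$", "", evr, flags=re.I)
    epoch, _, rest = evr.rpartition(":")
    version, _, release = rest.partition("-")
    return int(epoch or 0), version, release

def seg_cmp(a, b):
    """Simplified rpm-style compare of digit/letter runs (no '~' or '^' handling)."""
    sa, sb = (re.findall(r"\d+|[A-Za-z]+", s) for s in (a, b))
    for x, y in zip(sa, sb):
        if x.isdigit() != y.isdigit():
            return 1 if x.isdigit() else -1      # numeric run sorts newer than letters
        if x.isdigit():
            x, y = int(x), int(y)
        if x != y:
            return 1 if x > y else -1
    return (len(sa) > len(sb)) - (len(sa) < len(sb))

def evr_cmp(a, b):
    """Return -1, 0 or 1 for epoch:version-release strings a and b."""
    (ea, va, ra), (eb, vb, rb) = split_evr(a), split_evr(b)
    return (ea > eb) - (ea < eb) or seg_cmp(va, vb) or seg_cmp(ra, rb)

def diagnose(pkg, installed, fixed, yum_output):
    """Classify why the finding and yum disagree, from the finding's versions and yum's listing."""
    if evr_cmp(installed, fixed) >= 0:
        return "installed-meets-fixed"           # finding is out of date relative to the instance
    offered = [f[1] for f in (l.split() for l in yum_output.splitlines())
               if len(f) == 3 and f[0].startswith(pkg + ".") and not f[2].startswith("@")]
    if any(evr_cmp(v, fixed) >= 0 for v in offered):
        return "fix-offered-not-installed"       # an enabled repo has it; an update should apply it
    return "fix-not-in-enabled-repos"            # points 1 and 2 of the answer above

if __name__ == "__main__":
    print(diagnose("libcurl", "0:7.79.1-4.amzn2.0.1.X86_64", "0:7.79.1-6.amzn2.0.1", SAMPLE_YUM_OUTPUT))
```

On the instance, feed it the real output of `yum --showduplicates list libcurl`, and use `yum repolist all` to see which repositories are disabled.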
