For GOS 21.04, a new patch level is available.
The release implements two important security updates:
- The package openssl included in GOS was upgraded to version 1.1.1n-0+deb10u2 as the former version 1.1.1n-0+deb10u1 is vulnerable to CVE-2022-1292.
- The package postgresql included in GOS was upgraded to version 11.16-0+deb10u1 as the former version 11.14-0+deb10u1 is vulnerable to CVE-2022-1552.
Please note that this is a precautionary measure taken by Greenbone, but we currently have no information about actual exploitation of the vulnerabilities.
We recommend everyone to upgrade to GOS 21.04.17.
Additionally, an error was fixed where a wrong check was used to determine whether a beaming image can be imported. The corresponding dialog in the GOS administration menu was adjusted to clarify the requirements for importing a beaming image.
In total, GOS 21.04.17 covers 3 improvements and 1 bug fix. For a complete list of changes, see the Roadmap & Lifecycle page:
https://www.greenbone.net/en/roadmap-lifecycle/#gos-21-04