Ubuntu 22.04 LTS strange results

Ubuntu: Security Advisory (USN-5446-1) OID: 1.3.6.1.4.1.25623.1.1.12.2022.5446.1
Version used: 2022-09-13T14:14:11Z

Vulnerable package: dpkg
Installed version: dpkg-dev-1.21.1ubuntu2.1
Fixed version: dpkg-1.21.1ubuntu2.1

Actually installed version: dpkg-1.21.1ubuntu2.1. dpkg-dev is not installed.

Ubuntu: Security Advisory (USN-5388-1) OID: 1.3.6.1.4.1.25623.1.1.12.2022.5388.1

Vulnerable package: openjdk-11-jdk
Installed version: openjdk-11-jdk-11.0.16+8-0ubuntu1~22.04
Fixed version: openjdk-11-jdk-11.0.15+10-0ubuntu0.22.04.1

Vulnerable package: openjdk-11-jdk-headless
Installed version: openjdk-11-jdk-headless-11.0.16+8-0ubuntu1~22.04
Fixed version: openjdk-11-jdk-headless-11.0.15+10-0ubuntu0.22.04.1

Vulnerable package: openjdk-11-jre
Installed version: openjdk-11-jre-11.0.16+8-0ubuntu1~22.04
Fixed version: openjdk-11-jre-11.0.15+10-0ubuntu0.22.04.1

Vulnerable package: openjdk-11-jre-headless
Installed version: openjdk-11-jre-headless-11.0.16+8-0ubuntu1~22.04
Fixed version: openjdk-11-jre-headless-11.0.15+10-0ubuntu0.22.04.1

11.0.16 is higher than 11.0.15, or not?

Ubuntu: Security Advisory (USN-5427-1) OID: 1.3.6.1.4.1.25623.1.1.12.2022.5427.1

Vulnerable package: apport
Installed version: apport-symptoms-0.24
Fixed version: apport-2.20.11-0ubuntu82.1

apport-2.20.11-0ubuntu82.1 is actually installed.
apport-symptoms is a different package.

All problems should originating from issues in the new notus-scanner handling such package manager based checks now (since 22.04+).

These issues have been already fixed with the following PRs linked below but a new release of notus-scanner for the Greenbone Community Edition seems to be still outstanding to include these.

• Fix: False positive Debian Package Comparison by Kraemii · Pull Request #293 · greenbone/notus-scanner · GitHub
• Fix: parsing for debian packages with a - in the name by Kraemii · Pull Request #295 · greenbone/notus-scanner · GitHub
• Possibly a few more

Thanks for the clue. I can’t find the way how to upgrade Greenbone Community Source Edition 22.4.0. The documentation “Building 22.4 from Source” produce the same 22.4.0, not 22.4.4.

I have just cloned the latest version of the notus-scanner by git from GitHub and installed just that. I do not have any issues with false-positives described in my original post anymore.
Thank you!

This looks expected and the mention of 22.4.4 might have caused some confusion. Only the Greenbone Enterprise Edition is currently at 22.4.4, the Greenbone Community Edition is still at 22.4.0 (see Greenbone Community Edition 22.4 (stable, initial release 2022-07-25)).