Security of a new installation of CheckMK

General
1

Hello everyone,

I am redoing from scratch an Ubuntu Server 24.04LTS VM on which to run various software including CheckMK. At the end of the installation SIEM reported me a number of packages that have known vulnerabilities (example samba, libcairo2, libopenjp2-7). What are they being used for?

2

You can get information on the package with apt show packagename

Example of output:

~# apt show libcairo2
Package: libcairo2
Version: 1.16.0-7
Priority: optional
Section: libs
Source: cairo
Maintainer: Debian GNOME Maintainers <pkg-gnome-maintainers@lists.alioth.debian.org>
Installed-Size: 1,338 kB
Depends: libc6 (>= 2.35), libfontconfig1 (>= 2.12.6), libfreetype6 (>= 2.9.1), libpixman-1-0 (>= 0.30.0), libpng16-16 (>= 1.6.2-1), libx11-6, libxcb-render0, libxcb-shm0, libxcb1 (>= 1.6), libxext6, libxrender1, zlib1g (>= 1:1.1.4)
Breaks: libwebkit2gtk-3.0-25 (<< 2.4.5-2~), libwebkitgtk-1.0-0 (<< 2.4.5-2~), libwebkitgtk-3.0-0 (<< 2.4.5-2~), weston (<< 1.5.0-3~)
Homepage: https://cairographics.org/
Tag: role::shared-lib
Download-Size: 575 kB
APT-Manual-Installed: no
APT-Sources: http://deb.debian.org/debian bookworm/main amd64 Packages
Description: Cairo 2D vector graphics library
 Cairo is a multi-platform library providing anti-aliased
 vector-based rendering for multiple target backends. Paths consist
 of line segments and cubic splines and can be rendered at any width
 with various join and cap styles. All colors may be specified with
 optional translucence (opacity/alpha) and combined using the
 extended Porter/Duff compositing algebra as found in the X Render
 Extension.
 .
 Cairo exports a stateful rendering API similar in spirit to the path
 construction, text, and painting operators of PostScript, (with the
 significant addition of translucence in the imaging model). When
 complete, the API is intended to support the complete imaging model of
 PDF 1.4.
 .
 This package contains the shared libraries.
  • Glowsome
3

This topic was automatically closed 365 days after the last reply. New replies are no longer allowed. Contact an admin if you think this should be re-opened.