Last month we received some new security issues with openssl and openssh on 3 ways:
- my notifications
- BigFix
- flrtvc: IBM - FLRT Fix Level Recommendation Tool
As well as both mynotifications and flrtvc showed these issues as vulnerabilities and security related, BigFix showed them as simple updates. I would highly appreciate if BigFix would show them as well and detailed as flrtvc.
Example flrtvc:
openssh.base.server - 6.0.0.6203 - Vulnerabilities (1)
(1) NOT FIXED - Vulnerabilities in OpenSSH affect AIX.
Type: sec
Score: 6.5
Versions: 4.0.0.5200-7.1.102.1100
APARs/CVEs: CVE-2017-15906
Last Update: 11/14/2017
Bulletin: http://aix.software.ibm.com/aix/efixes/security/openssh_advisory11.asc
Download: https://www-01.ibm.com/marketing/iwm/iwm/web/reg/download.do?source=aixbp&lang=en_US&S_PKG=openssh&cp=UTF-8
Fixed In: See Bulletin
Example BigFix: