AWS Ubuntu Pro FIPS 18.04 LTS AMI

Yan, Michael myan at
Tue Jan 18 21:52:59 UTC 2022


We are evaluating "Ubuntu Pro FIPS 18.04 LTS” for our k8s deployment in Cloud. After scanning the image with BlackDuck, there are 176 critical/high CVEs reported. I wonder if they are real security risks and what mitigation measures I can take. Does Ubuntu have such security scan report published somewhere?



The information contained in this communication from the sender is confidential. It is intended solely for use by the recipient and others authorized to receive it. If you are not the recipient, you are hereby notified that any disclosure, copying, distribution or taking action in relation of the contents of this information is strictly prohibited and may be unlawful.

This email has been scanned for viruses and malware, and may have been automatically archived by Mimecast Ltd, an innovator in Software as a Service (SaaS) for business. Providing a safer and more useful place for your human generated data. Specializing in; Security, archiving and compliance. To find out more visit the Mimecast website.

More information about the Ubuntu-quality mailing list