Re: Debian Stretch AMI on AWS Marketplace + Meltdown
On Sun, 2018-02-04 at 12:28 -0800, Noah Meyerhans wrote:
> On Sun, Feb 04, 2018 at 02:55:52PM +1100, Michael Schams wrote:
> > However, the AWS scan tool rejects the AMI due to the following
> > issue:
> >
> > (quote) "Vulnerabilities detected - The following vulnerabilities
> > were detected and must be addressed: CVE-2017-5754 [3]."
>
> Unfortunately, only the AWS marketplace people know what their scan
> is looking for here. You'll probably need to reach out to them for
> help.
Yeah, well... I contacted them a few days ago. No response yet.
I thought I could try to sort this out another way :-)
> Interesting that they're detecting problems here but they didn't have
> any issues with the original AMI. It's probably just that they hadn't
> yet implemented Meltdown checks when I registered mine.
That would explain it. My first failed scan attempt was on 30 or 31
January 2018. AMI ami-628ad918 was released on 06 January and made it
into the Marketplace a few days after.
Thanks for your feedback. Let's keep your fingers crossed that I hear
from the Marketplace team soon.
Cheers
Michael
Reply to: