Stay Up On Latest Security Vulnerabilities
Staying updated on the latest security vulnerabilities can be daunting which can understandably lead you to ask whether a particular version of SLES is vulnerable. The first thing to note when you get a security notification, for example from https://cve.mitre.org, https://nvd.nist.gov, or even by word of mouth, is the CVE identifier which will look similar to this:
CVEs are unique, common identifiers for publicly known cyber security vulnerabilities.
Once you have the CVE, it’s easy to find out whether a particular version of SLES is vulnerable, if there is a patch available for download, or what the current status of the patch release is.
Just append the CVE to https://www.suse.com/security/cve/ and add .html to the end. For the above example, CVE-2015-5477, to find out more information related to this vulnerability and how SLES is affected, just enter:
If page is not found, it means that the information for this particular CVE isn’t available yet.
You can also browse directly to https://www.suse.com/security/cve to find links to all CVEs with currently information posted.