- Knowledge base
- General
- Vulnerability tests
-
Security updates
-
Product news
-
Next-Gen Vulnerability Management
-
Getting started
-
General
-
Operating status
-
Network & System Security
-
Web Application Security
-
Cloud Security
-
API Security
-
Phishing Simulation & Awareness Training
-
Attack Surface Management
-
Scanner Appliance
-
Device Agent
-
On-premise platform deployment
-
Asset management
-
Vulnerability manager
-
Reports
-
Digest reports
-
Organizer
-
Continuous monitoring
-
Integrations
-
Platform API
-
Remediation
-
Users
-
PCI DSS
-
Terms & conditions
-
Dashboard
How do I scan for backported patches?
Certain Operating Systems (OS) are delivering patches back to older versions of the OS when the software needs to be updated. This is done as the older versions of the OS are still supported but only receive minor and critical updates.
For example, Apache2 on Debian 8 can receive a minor patch version delivered to address a vulnerability. While Apache2 on latest Debian 10 would receive the official patched version from Apache2 as it is the latest supported version running.
This concept is known and referred to as backported patches. The official patches for the software are backported to an older version to address a common issue or vulnerability.
Security Center automatically scans and performs analysis by taking backported patches into account for the most known software and OS that provides this concept. The list of backported patches is maintained by Holm Security and continuously updated when we have identified new backported patched versions being available.
This feature can't be turned off and is enabled on all scans carried out through the platform by default.
When backported versions have been identified, an info-level vulnerability is created with information about what software was identified and how the backported logic impacted it.
For example, version 2.1.32 of Apache2 could be re-mapped internally to version 2.1.99 by the backported logic to avoid impacting the result as a false-positive. This is visible in the info level vulnerability you can find by searching for "backported". Hence, you might see version 2.1.99 on specific vulnerabilities, which results from the backported logic and won't impact the result negatively.
Example of software receiving backported patches:
- Apache
- Apache Tomcat
- OpenSSH
- Sendmail
- Dropbear
- ProFTPD
- OpenSSL
- PHP
- ntpd
- PHP
- Apache
- PostgreSQL
- Python
- Sudo
- lighttpd
- IBM HTTP Server
- Oracle HTTP Server
- CPWS
Example of operating systems using backported patches:
- Ubuntu
- RHEL
- CentOS
- Oracle Linux/Solaris
- SuSE
- openSuSE
- Mac OS X
- FreeBSD
- Fedora
- Mandriva
- Mageia
- EulerOS
- Slackware
- Debian
- Mac OS X Server
- Virtuozzo
- OpenVMS
- Amazon Linux
- Checkpoint IPSO OS
- ZyXEL
- QNX
- HP-UX
- SLES