Title

TOSS must be a vendor-supported release. (Cat I impact)

Discussion

An operating system release is considered "supported" if the vendor continues to provide security patches for the product. With an unsupported release, it will not be possible to resolve security issues discovered in the system software.

Check Content

Verify the version of the operating system is vendor supported. Check the version of the operating system with the following command: $ sudo cat /etc/toss-release toss-release-4.3-3 Current End of support for TOSS 4.3 is 30 April 2022. Current End of support for TOSS 4.4 is 30 November 2023. Current End of support for TOSS 4.5 is 30 April 2023. Current End of support for TOSS 4.6 is 30 November 2023. Current End of support for TOSS 4.7 is 30 April 2024. Current End of support for TOSS 4.8 is 31 May 2029. If the release is not supported by the vendor, this is a finding.

Fix Text

Upgrade to a supported version of TOSS.

Additional Identifiers

Rule ID: SV-253110r991589_rule

Vulnerability ID: V-253110

Group Title: SRG-OS-000480-GPOS-00227

Expert Comments

CCIs tied to check.

Controls tied to check. These are derived from the CCIs shown above.