Software vulnerabilities

Security issues with software installed on machines are monitored using the operating system’s vulnerability database (GLSA) which allows to check for known vulnerabilities in the installed packages of a machine.

If a vulnerability applies to a machine then the monitoring system alerts the administrators. After that our goal is to install fixes within 24 hours of their availability. However, the actual timing depends on the specific complexity of the vulnerability and may require more time for extensive testing to ensure continuous operation of the affected systems. The requirement of availability of the service will be considered in comparison to the severity of the vulnerability.

The process of performing security updates will be followed when applying security fixes.