Update SQL 2019 CU15 to latest patch to address JFHQ-DoDIN IAVM Vulnerabilities
Follow up to Mr. Freeman's comments on May 18th on (closed) issue: #1 (closed)
The image pushed to master branch appears to be the same vulnerable version of SQL 2019 CU15 15.0.4198.2 in Iron Bank for over a year now. This image has been flagged in the following CAT 1 vulnerabilities:
JFHQ-DoDIN IAVM 2023-A-0086 Security Update for MS SQL Server (February 2023) JFHQ-DoDIN IAVM 2023-A-0189 Security Update for MS SQL Server (April 2023)
We are requesting a patched version of RHEL SQL Server 2019 CU18 (or newer) to address these CAT 1 vulnerabilities. Please let us know when this will be available. Our DHA Ektropy application is coded to pull hardened images from Iron Bank.