Security flaws with operating systems are discovered daily. Vendors are constantly updating and patching their products to address newly discovered security vulnerabilities. Organizations (including any contractor to the organization) are required to promptly install security-relevant software updates (e.g., patches, service packs, and hot fixes). Flaws discovered during security assessments, continuous monitoring, incident response activities, or information system error handling must also be addressed expeditiously.
Check
Verify that the version of AlmaLinux is vendor supported with the following command:
$ cat /etc/tuxcare-release TuxCare Enterprise Support for AlmaLinux release 9.2
If the installed version of AlmaLinux is not supported (version may also be 9.6), this is a finding.
Fix
Extended vendor support is available from TuxCare as part of the Enterprise Support for AlmaLinux product line. Access this (and the FIPS packages) by purchasing an ESU license key.