CVE-2022-0778

Vikram
New Contributor II

How can we update the OpenSSL version for the cluster to address this vulnerability ?

https://ubuntu.com/security/CVE-2022-0778

Tried with this global init script to auto update the openssl version but does not seem to work as apt-utils is missing.

apt-get update

apt-get install --only-upgrade openssl

I have tried modifying the global init script as follows to fix the missing apt-utils.

apt-get update

apt-get install -y --no-install-recommends apt-utils

apt-get install --only-upgrade openssl

Please suggest the right way to fix this vulnerability. BTW i have used 10.4 LTS available in Azure databricks as the runtime.