My NextCloudPi 18 generates a security scan email at 2 AM every day. The subject line of the email is “Debian security status of ” and the body starts with
Security report based on the buster release
*** New security updates
CVE-2018-12207 Improper invalidation for page table updates by a…
https://security-tracker.debian.org/tracker/CVE-2018-12207
- linux-libc-dev
CVE-2018-20836 An issue was discovered in the Linux kernel before…
https://security-tracker.debian.org/tracker/CVE-2018-20836
- linux-libc-dev
CVE-2018-20852 http.cookiejar.DefaultPolicy.domain_return_ok in…
https://security-tracker.debian.org/tracker/CVE-2018-20852
- libpython2.7, libpython2.7-minimal, libpython2.7-stdlib, python2.7,
python2.7-minimal
CVE-2018-21029 ** DISPUTED ** systemd 239 through 244 accepts any…
https://security-tracker.debian.org/tracker/CVE-2018-21029
- libpam-systemd, libsystemd0, libudev1, systemd, systemd-sysv, udev
(low urgency)
CVE-2019-0136 Insufficient access control in the Intel(R)…
https://security-tracker.debian.org/tracker/CVE-2019-0136
- linux-libc-dev
CVE-2019-0154 Insufficient access control in subsystem for Intel…
https://security-tracker.debian.org/tracker/CVE-2019-0154
- linux-libc-dev
The questions I have are:
- Are these critical issues?
- Can I do something to eliminate them?
- If not, how can I disable the email from being generated?