I have 3 AWS EC2 instances running Ubuntu 22.04.4 LTS, and AWS Inspector is complaining that I have an issue with CVE-2023-52323 - pycryptodomex. I have nothing to upgrade:
ubuntu@ip-XX-XX-XX-XX:~$ apt list --upgradeableListing... Done
I tried to install it using the command in the documentation:
ubuntu@ip-XX-XX-XX-XX:~$ pip3 install pycryptodomexDefaulting to user installation because normal site packages is not writeableRequirement already satisfied: pycryptodomex in /usr/lib/python3/dist-packages (3.11.0)ubuntu@ip-XX-XX-XX-XX:~$
But as you can see, it does not update, and I cannot update as root also:
ubuntu@ip-XX-XX-XX-XX:~$ sudo pip3 install pycryptodomexRequirement already satisfied: pycryptodomex in /usr/lib/python3/dist-packages (3.11.0)WARNING: Running pip as the 'root' user can result in broken permissions and conflicting behaviour with the system package manager. It is recommended to use a virtual environment instead: https://pip.pypa.io/warnings/venvubuntu@ip-XX-XX-XX-XX:~$
So, how am I supposed to update this package?