Hey @prabhjotkour.91,
I just noticed you popped a forum post here about vulnerabilities in the Octopus version you are asking about in this forum post (2022.3.10692) so I did do some more digging and our Lead Engineer gave me some advice too.
This is for our Octopus Linux containers specifically:
Each build of Octopus is built on the latest patches of:
2022.4 and below: mcr.microsoft.com/dotnet/runtime-deps:5.0
2023.1: mcr.microsoft.com/dotnet/runtime-deps:6.0
You can find out more about this here.
So each Octopus release we publish will have the latest .net and Linux OS patches that are out at the time we build the Octopus release, we do not backport those patches to earlier versions.
If you upgrade to 2023.1 (latest) you would have the latest patches from .net 6.0 and Linux from whenever that release was built. So to get the latest patches you would need to ensure you have a regular Octopus upgrade cadence.
If you want to stay on 2022.3.10692 and have the latest patches you would need to run your own custom container based off of that Octopus release and run the below code so the container is up to date (which would be a more automated way of doing this):
RUN apt-get update && \
apt-get clean && \
rm -rf /var/lib/apt/lists/*
You can also do this manually by using our docker images and docker ps into them to run the above script as mentioned here.
I hope that helps answer the question you had here and on the other forum post. Let me know if it does not though and I will see what I can do to help.
Kind Regards,
Clare