The gb_ubuntu_USN_3817_1.nasl plugin claims that an Ubuntu 18.04 server with python2.7 version 2.7.15-4ubuntu4~18.04 is vulnerable and that 2.7.15~rc1-1ubuntu0.1 is the fixed version. But if I force the installation of the supposedly fixed version thus:
% sudo apt install python2.7=2.7.15~rc1-1ubuntu0.1 python2.7-minimal=2.7.15~rc1-1ubuntu0.1 libpython2.7=2.7.15~rc1-1ubuntu0.1 libpython2.7-minimal=2.7.15~rc1-1ubuntu0.1 libpython2.7-stdlib=2.7.15~rc1-1ubuntu0.1
apt complains, saying I am downgrading:
dpkg: warning: downgrading python2.7 from 2.7.15-4ubuntu4~18.04 to 2.7.15~rc1-1ubuntu0.1
Which is correct? I do note that 2.7.15-4ubuntu4~18.04 is dated much later than 2.7.15~rc1-1ubuntu0.1.