patch-management
Safeguard articles tagged "patch-management" — guides, analysis, and best practices for software supply chain and application security.
53 articles
PHP 7.4.33 Vulnerabilities: The Real Risk of Running EOL PHP
PHP 7.4.33 was the final release in the 7.4 line before it reached end of life — running it today means every new vulnerability discovered afterward goes unpatched by design.
CVE-2025-1094 in PostgreSQL psql: Patch Posture & SBOM Response
PostgreSQL psql SQL injection scored CVSS 8.1 and patched in 17.3 / 16.7 / 15.11 / 14.16 / 13.19. Defender SBOM and rollout playbook.
How to Fix Vulnerabilities: A Practical Workflow
A practical, repeatable workflow for how to fix vulnerabilities once a scanner finds them — triage, verify, patch, and confirm — instead of treating every finding as equally urgent.
A Framework for Security Patch Prioritization
You cannot patch everything immediately. Here is a risk-based framework for deciding which patches to apply first when your vulnerability backlog exceeds your capacity.
Nginx 1.20.1 Vulnerabilities: What to Patch
Nginx 1.20.1 fixed a real, exploitable DNS resolver bug — if you're still running an older 1.20.x or 1.19.x build, here's what the fix addressed and why it matters.