Merge pull request #269001 from cmcclister/Broken-link-fix-htaubenfeld

prmerger-automator[bot] · web-flow · commit 961e487d81ba · 2024-03-18T15:48:51.000Z
Broken Links Fixed
diff --git a/articles/azure-linux/concepts-core.md b/articles/azure-linux/concepts-core.md
@@ -17,7 +17,7 @@ Microsoft Azure Linux is an open-sourced project maintained by Microsoft, which
 
 One of the responsibilities of Microsoft in maintaining the Azure Linux Container Host is establishing a process for CVEs, such as identifying applicable CVEs and publishing CVE fixes, and adhering to defined Service Level Agreements (SLAs) for package fixes. The Azure Linux team builds and maintains the SLA for package fixes for production purposes. For more information, see the [Azure Linux package repo structure](https://github.com/microsoft/CBL-Mariner/blob/2.0/toolkit/docs/building/building.md#packagesmicrosoftcom-repository-structure). For the packages included in the Azure Linux Container Host, Azure Linux scans for security vulnerabilities twice a day via CVEs in the [National Vulnerability Database (NVD)](https://nvd.nist.gov/).
 
-Azure Linux CVEs are published in the [Security Update Guide (SUG) Common Vulnerability Reporting Framework (CVRF) API](https://api.msrc.microsoft.com/cvrf/v2.0/swagger/index). This allows you to get detailed Microsoft security updates about security vulnerabilities that have been investigated by the [Microsoft Security Response Center (MSRC)](https://www.microsoft.com/msrc). By collaborating with MSRC, Azure Linux can quickly and consistently discover, evaluate, and patch CVEs, and contribute critical fixes back upstream.
+Azure Linux CVEs are published in the [Security Update Guide (SUG) Common Vulnerability Reporting Framework (CVRF) API](https://github.com/microsoft/MSRC-Microsoft-Security-Updates-API). This allows you to get detailed Microsoft security updates about security vulnerabilities that have been investigated by the [Microsoft Security Response Center (MSRC)](https://www.microsoft.com/msrc). By collaborating with MSRC, Azure Linux can quickly and consistently discover, evaluate, and patch CVEs, and contribute critical fixes back upstream.
 
 High and critical CVEs are taken seriously and may be released out-of-band as a package update before a new AKS node image is available. Medium and low CVEs are included in the next image release.
 
