QUICK NEWS

{NEW} - A new css video is up.

{OLD} - New video courtesy of Skhilled, Thanks for posting it up.

Video of the moment:


Internal Links

SMF Sites

Quick Info

CVE-2023-38408 - Openssh vulnerability

Started by Neša, Jul 27, 2023, 06:53 PM

Previous topic - Next topic

0 Members and 2 Guests are viewing this topic.

Neša

A new vulnerability in OpenSSH versions that are below 9.32_p2, there is no back port to redhat/rocky/alma.
This redhat link has ways of mitigating the risk.
https://access.redhat.com/security/cve/CVE-2023-38408


Bigguy

"It's the American dream....cause ya have to be asleep to believe it." - George Carlin

Skhilled


Bigguy

Changed the icon on the first post.
"It's the American dream....cause ya have to be asleep to believe it." - George Carlin

Neša

Quote from: Bigguy on Jul 28, 2023, 06:25 PMChanged the icon on the first post.

Thanks.

I should have posted earlier Red Hat and all the down stream (Rocky, Alma) have a back port patch please update your servers if you haven't already.


Skhilled

Ah! That may have been the Easyapache updates I saw about 2 days ago. I updated the server then. I no long run the server but still have access to it. ;)

Neša

Quote from: Skhilled on Aug 14, 2023, 05:55 PMAh! That may have been the Easyapache updates I saw about 2 days ago. I updated the server then. I no long run the server but still have access to it. ;)

It should have been an opnessh update, you can check the changelog to see if you have the update.
rpm -q openssh --changelog | grep CVE-2023-38408if you have the installed update you should see text like this.
You cannot view this attachment.

If you don't get that text you'll need to upgrade openssh.


Skhilled