* Update of openssh due to CVE CVE-2024-6387
@ 2024-07-01 15:40 Adolf Belka
0 siblings, 0 replies; only message in thread
From: Adolf Belka @ 2024-07-01 15:40 UTC (permalink / raw)
To: development
[-- Attachment #1: Type: text/plain, Size: 516 bytes --]
Hi All,
Openssh has a CVE
https://community.ipfire.org/t/cve-2024-6387-openssh-regession/11806
I am building a package update for Openssh to 9.8p1 and will submit to go into CU187.
I am not sure that it is super critical for IPFire as so far the exploit has only been demonstrated in 32 bit systems with the attacker having to try and make connections for 6 to 8 hours.
On 64 bit systems they expect it will take longer but so far the exploit has not yet been demonstrated.
Regards,
Adolf.
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2024-07-01 15:40 UTC | newest]
Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2024-07-01 15:40 Update of openssh due to CVE CVE-2024-6387 Adolf Belka
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox