[gull] openssh remote vulnerability
Marc SCHAEFER
schaefer at alphanet.ch
Mon Jul 1 11:58:03 CEST 2024
Hello,
On Mon, Jul 01, 2024 at 11:14:35AM +0200, Claude Paroz via gull wrote:
> Les paquets suivants contiennent des dépendances non satisfaites :
Tu pourrais faire apt-get update (ou apt update) avant?
Il y a eu énormément de packages mis à jour hier en raison de la point
release, indépendamment de la correction SSH de ce matin.
Aussi, confirmation que buster (néanmoins obsolète depuis hier) n'est
pas affecté:
Date: Mon, 1 Jul 2024 11:51:32 +0200
From: Ola Lundqvist <ola at inguza.com>
To: Marc SCHAEFER <schaefer at alphanet.ch>
Cc: debian-lts at lists.debian.org
Subject: Re: SSH vulnerability
Hi
I have checked the source code and I can confirm that the code pointed
to
https://security-tracker.debian.org/tracker/CVE-2024-6387
as "introduced with"
(https://github.com/openssh/openssh-portable/commit/752250caabda3dd24635503c4cd689b32a650794)
is not in the source, and therefore must have been introduced later.
Cheers
// Ola
More information about the gull
mailing list