[gull] openssh remote vulnerability

[Marc SCHAEFER]

On Mon, Jul 01, 2024 at 12:10:42PM +0200, Claude Paroz via gull wrote:
> Oui, je ne l'avais pas écrit mais je l'avais fait bien sûr.

Ok,

curieux,

J'ai mis à jour du buster, du bullseye et du bookworm ce matin sans
souci.

Je refais un essai, avec du bookworm sans sources d'installation
spéciales (base + security + "volatile"):

   root at ds-services-dns:~# apt-get update && apt-get -u dist-upgrade; apt-get clean; checkrestart

   The following packages will be upgraded:
     base-files bash curl dns-root-data libcurl3-gnutls libcurl4
   libfreetype6
     libgnutls-dane0 libgnutls30 libltdl-dev libltdl7 libnss-systemd
     libpam-systemd libpython3.11-minimal libpython3.11-stdlib libseccomp2
     libssl3 libsystemd-shared libsystemd0 libtool libudev1 linux-libc-dev
     openssh-client openssh-server openssh-sftp-server openssl python3.11
     python3.11-minimal systemd systemd-sysv systemd-timesyncd
   31 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
   Need to get 23.8 MB of archives.
   After this operation, 38.9 kB of additional disk space will be used.

tout bon, sshd a été redémarré.

> Peut-être un problème transitoire qui sera corrigé dans les prochaines
> heures...

Possible sur le miroir que tu utilises ...

mon /etc/apt/sources.list.d/debian.sources:

Types: deb
URIs: http://deb.debian.org/debian
Suites: bookworm bookworm-updates
Components: main
Signed-By: /usr/share/keyrings/debian-archive-keyring.gpg

Types: deb
URIs: http://deb.debian.org/debian-security
Suites: bookworm-security
Components: main
Signed-By: /usr/share/keyrings/debian-archive-keyring.gpg