Re: [PLUG] recent vulnerability in OpenSSH

Alan D. Salewski via plug on 1 Jul 2024 13:16:25 -0700

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] recent vulnerability in OpenSSH

From: "Alan D. Salewski via plug" <plug@lists.phillylinux.org>
To: PLUG Mailing List <plug@lists.phillylinux.org>
Subject: Re: [PLUG] recent vulnerability in OpenSSH
Date: Mon, 1 Jul 2024 16:21:40 -0400
Dkim-signature: v=1; a=rsa-sha256; c=relaxed; d=pobox.com; h=date:from :to:subject:message-id:reply-to:references:mime-version :content-type:in-reply-to:content-transfer-encoding; s=sasl; bh= xQUng/DmI8zSiRp0K0IddpizsdAb4PBiRLMH8MWtp5c=; b=QOLhzVArQxHEuHJj aIcY3fERxu7MgPRhH3g/t/S/UwX7CCZR3/6pMXzv9fghtGWJ5lb/9yiy13kINozP x2eah+01KCQ4tWv0+rBgzrjX2TJyuCkIrEBc589UBOPo3d94maaTyRZSScqHgTuk SV/Po5Cjcp1V80ti7STewekp3UE=
Dkim-signature: v=1; a=rsa-sha256; c=relaxed; d=salewski.email; h=date:from:to:subject:message-id:reply-to:references:mime-version:content-type:content-transfer-encoding:in-reply-to; s=2020-09.pbsmtp; bh=1EMgqyFo+dJbYDyp5hmkZz2xzoeQwz5tBL+iPq2r5DI=; b=yoac9ARkhND009/cRCEfxa219Bsc1fo3yn3Wy03Ehpq5cIm2wC5TWrBjXwhyNXhdTwBBcjfohoecgX1w0cTZd2uMCEKOxNKBikLGYJFzGnbCNb80ELvXWYtwZcGG7Vd1K+7z7g55OSkmsMW7T428qo/+A3Ezdkbvo9IAYQCQV7w=
Mail-followup-to: PLUG Mailing List <plug@lists.phillylinux.org>
Reply-to: "Alan D. Salewski" <salewski@att.net>, "Alan D. Salewski" <ads@salewski.email>
Sender: "plug" <plug-bounces@lists.phillylinux.org>
User-agent: Mutt/2.0.5 (2021-01-21)

On 2024-07-01 14:13:30, Michael Lazin via plug <plug@lists.phillylinux.org> spake thus:

https://thehackernews.com/2024/07/new-openssh-vulnerability-could-lead-to.html

I thought this would be of interest to the group.  I saw this today.

Thank you,

Michael Lazin

.. τὸ γὰρ αὐτὸ νοεῖν ἐστίν τε καὶ εἶναι.


Thanks for the heads-up Michael!

This note from Damien Miller on the 'oss-security' list has a workaround plus
patches:

    https://www.openwall.com/lists/oss-security/2024/07/01/2

Here's the note for the just-released version of OpenSSH that contains the
fix:

    "Announce: OpenSSH 9.8 released"
    https://www.openwall.com/lists/oss-security/2024/07/01/1

-Al

--
a l a n   d.   s a l e w s k i
ads@salewski.email
salewski@att.net
https://github.com/salewski
___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug

Follow-Ups:
- Re: [PLUG] recent vulnerability in OpenSSH
  - From: "Alan D. Salewski via plug" <plug@lists.phillylinux.org>

References:
- [PLUG] recent vulnerability in OpenSSH
  - From: Michael Lazin via plug <plug@lists.phillylinux.org>

Prev by Date: [PLUG] recent vulnerability in OpenSSH
Next by Date: Re: [PLUG] recent vulnerability in OpenSSH
Previous by thread: [PLUG] recent vulnerability in OpenSSH
Next by thread: Re: [PLUG] recent vulnerability in OpenSSH
Index(es):
- Date
- Thread