Re: [PLUG] recent vulnerability in OpenSSH

Walt Mankowski via plug on 1 Jul 2024 16:37:22 -0700

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] recent vulnerability in OpenSSH

From: Walt Mankowski via plug <plug@lists.phillylinux.org>
To: plug@lists.phillylinux.org
Subject: Re: [PLUG] recent vulnerability in OpenSSH
Date: Mon, 1 Jul 2024 16:37:10 -0700
Dkim-signature: v=1; a=rsa-sha256; c=relaxed; d=pobox.com; h=date:from :to:subject:message-id:references:mime-version:content-type :in-reply-to; s=sasl; bh=MxgHRBKD4+vR/ADerS54mPiERy02iLCprVr+2K5 r1o4=; b=Nstg0qiglovTMk3LLSANaGWWO1BXSTsQuzX/b2moi5s5vwdg3piXKxG iLim5GcCuaYQWbJoLOXIx4WJxCOOrA/AtQzyiLpcxT6ReOvcByu6CI1Y+eP5V8AH rtZV8NJfz6uYlAC4fv2UzpfO6jL8DnO6P4pm+YEPrsVRVl6dSdNE=
Feedback-id: i7af9444b:Fastmail
Reply-to: Walt Mankowski <waltman@pobox.com>
Sender: "plug" <plug-bounces@lists.phillylinux.org>
User-agent: Mutt/2.2.13 (2024-03-09)

There were updated OpenSSH packages on all the Ubuntu boxes I maintain
first thing this morning.

Walt

On Mon, Jul 01, 2024 at 05:22:46PM -0400, Alan D. Salewski via plug wrote:
> On 2024-07-01 16:31:59, Martin Cracauer via plug <plug@lists.phillylinux.org> spake thus:
> > Alan D. Salewski via plug wrote on Mon, Jul 01, 2024 at 04:25:46PM -0400:
> [...]
> > Have been hunting ssh demons all day.  Is it normal for Debian's
> > unattended updates to not work as expected?
> > 
> > Martin
> 
> I don't use the unattended updates feature, but maybe check the
> scheduling frequency of that process.
> 
> Also confirm that the 'bookworm-security' repository is
> configured. Is you're running Debian 12.x ("bookworm"), the fix is
> in version 1:9.2p1-2+deb12u3 of the openssh-server package[0].
> 
>     # apt-cache policy openssh-server
>     openssh-server:
>       Installed: 1:8.4p1-5+deb11u3
>       Candidate: 1:8.4p1-5+deb11u3
>       Version table:
>          1:9.7p1-7 80
>              80 https://deb.debian.org/debian sid/main amd64 Packages
>          1:9.2p1-2+deb12u3 500
>             500 https://security.debian.org/debian-security bookworm-security/main amd64 Packages
>             500 https://deb.debian.org/debian bookworm-proposed-updates/main amd64 Packages
>          1:9.2p1-2+deb12u2 500
>             500 https://deb.debian.org/debian bookworm/main amd64 Packages
>     ...
> 
> 
> [0] https://security-tracker.debian.org/tracker/CVE-2024-6387
> 
> -- 
> a l a n   d.   s a l e w s k i
> ads@salewski.email
> salewski@att.net
> https://github.com/salewski
> ___________________________________________________________________________
> Philadelphia Linux Users Group         --        http://www.phillylinux.org
> Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
> General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug
___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug

References:
- [PLUG] recent vulnerability in OpenSSH
  - From: Michael Lazin via plug <plug@lists.phillylinux.org>
- Re: [PLUG] recent vulnerability in OpenSSH
  - From: "Alan D. Salewski via plug" <plug@lists.phillylinux.org>
- Re: [PLUG] recent vulnerability in OpenSSH
  - From: "Alan D. Salewski via plug" <plug@lists.phillylinux.org>
- Re: [PLUG] recent vulnerability in OpenSSH
  - From: Martin Cracauer via plug <plug@lists.phillylinux.org>
- Re: [PLUG] recent vulnerability in OpenSSH
  - From: "Alan D. Salewski via plug" <plug@lists.phillylinux.org>

Prev by Date: Re: [PLUG] recent vulnerability in OpenSSH
Next by Date: [PLUG] [plug-announce] Wed July 3 - PLUG Central - "General Linux Discussion" (7pm EDT online)
Previous by thread: Re: [PLUG] recent vulnerability in OpenSSH
Next by thread: [PLUG] [plug-announce] Wed July 3 - PLUG Central - "General Linux Discussion" (7pm EDT online)
Index(es):
- Date
- Thread