+- Snakeoil Forums (https://forums.snakeoil-os.net)
+-- Forum: Snakeoil Topics (https://forums.snakeoil-os.net/Forum-Snakeoil-Topics)
+--- Forum: Support & Troubleshooting (https://forums.snakeoil-os.net/Forum-Support-Troubleshooting)
+--- Thread: Openssh vulnerability is fixed in Mantic (/Thread-Openssh-vulnerability-is-fixed-in-Mantic)
Openssh vulnerability is fixed in Mantic - patricia1066 - 17-Jul-2024
https://nvd.nist.gov/vuln/detail/CVE-2024-6387
- OpenSSH versions earlier than 4.4p1 (released 2006) are vulnerable unless they've been patched for CVE-2006-5051 and CVE-2008-4109. Versions 8.5p1 (released March 2021) up to, but not including, 9.8p1 (released 1st July, 2024) are also affected, owing to the accidental removal of a critical component. The vulnerability has been fixed in version 9.8p1.
The current version of Ubuntu Mantic has openssh-server version 9.8p1.
Code:
sudo apt update && sudo apt install openssh-server