Snakeoil Forums

Full Version: Openssh vulnerability is fixed in Mantic
You're currently viewing a stripped down version of our content. View the full version with proper formatting.
https://nvd.nist.gov/vuln/detail/CVE-2024-6387
  • OpenSSH versions earlier than 4.4p1 (released 2006) are vulnerable unless they've been patched for CVE-2006-5051 and CVE-2008-4109. Versions 8.5p1 (released March 2021) up to, but not including, 9.8p1 (released 1st July, 2024) are also affected, owing to the accidental removal of a critical component. The vulnerability has been fixed in version 9.8p1.

    The current version of Ubuntu Mantic has openssh-server version 9.8p1.
If you arent on mantic, upgrading the package is sufficient, as this will restart the daemon process,
Code:
sudo apt update && sudo apt install openssh-server