this post was submitted on 02 Jul 2024
36 points (97.4% liked)

Linux

48074 readers
1040 users here now

From Wikipedia, the free encyclopedia

Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).

Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word "Linux" in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.

Rules

Related Communities

Community icon by Alpár-Etele Méder, licensed under CC BY 3.0

founded 5 years ago
MODERATORS
 

I'm running a few Debian stable systems that are up to date on patches.

But I just ran ssh -V and the OpenSSH version listed is "OpenSSH_9.2p1 Debian-2+deb12u3" which as I understand is still vulnerable.

Am I missing something or am I good?

top 7 comments
sorted by: hot top controversial new old
[–] [email protected] 33 points 4 months ago (1 children)

Never mind, found the Debian security bulletin, my version is patched already.

Leaving this here for any other newbies that might be wondering.

Sorry, all!

[–] TCB13 2 points 4 months ago (2 children)

"oh but Debian only has old stuff" , yeah sure. :P

[–] [email protected] 2 points 4 months ago (1 children)

They patch stuff like this fast because it's a remote exploit. Local privilege escalation exploits are fixed much slower.

[–] TCB13 2 points 4 months ago

I know, I know, but trust me that a lot of people believe that they don’t issue security patches fast.

[–] [email protected] 0 points 4 months ago

LTS means security fixes, but little else if any. good luck if you need a feature that came out a year ago it's not in the repo yet

[–] [email protected] 16 points 4 months ago
[–] [email protected] 4 points 4 months ago

PoC on 32 bit requires thousands of authentication attempts, so any sane firewall should protect you against it already. Afaik there isnt any for 64 bit