this post was submitted on 01 Jul 2024
446 points (90.7% liked)
linuxmemes
20954 readers
160 users here now
I use Arch btw
Sister communities:
- LemmyMemes: Memes
- LemmyShitpost: Anything and everything goes.
- RISA: Star Trek memes and shitposts
Community rules
- Follow the site-wide rules and code of conduct
- Be civil
- Post Linux-related content
- No recent reposts
Please report posts and comments that break these rules!
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
The ssh vulnerability didn’t affect Debian because the packages were too many versions behind
Except this isn't true at all.
https://security-tracker.debian.org/tracker/CVE-2024-6387
Regresshion impacted bookworm and trixie both. Buster was too old.
With the downside of me doing an apt update and seeing that openssh-server was on
1:9.2p1-2+deb12u3
and I had no idea at a glance if this included the fix or not (qualys's page states version 8.5p1-9.8p1 were vulnerable).If you are running debian bookworm or trixie, you absolutely should update your openssh-server package.