According to the OpenSSH team and its release notes for version 9.8, which includes the fix for CVE-2024-6387, in lab conditions it took between six and eight hours to beat the race condition.
1 posted on
07/02/2024 10:59:45 AM PDT by
ShadowAce
To: rdb3; JosephW; martin_fierro; Still Thinking; zeugma; Vinnie; ironman; Egon; raybbr; AFreeBird; ...
2 posted on
07/02/2024 11:00:00 AM PDT by
ShadowAce
(Linux - The Ultimate Windows Service Pack )
To: ShadowAce
3 posted on
07/02/2024 11:03:16 AM PDT by
algore
To: ShadowAce
This was what my son was frantically trying to figure out last night when a tornado warning sent us into the basement. He’s worked so hard to set up our secure server and just like that he had to figure out how to keep it secure.
To: ShadowAce
Since I posted this a few minutes ago, I checked my available updates, and my distro already has the newest package ready to DL with the fix.
I love Open Source!
6 posted on
07/02/2024 11:17:56 AM PDT by
ShadowAce
(Linux - The Ultimate Windows Service Pack )
Yet another reason to restrict network access to a sshd endpoint.
7 posted on
07/02/2024 11:41:49 AM PDT by
Gene Eric
(Don't be a statist! )
To: Openurmind
8 posted on
07/02/2024 11:47:45 AM PDT by
Carriage Hill
(A society grows great when old men plant trees, in whose shade they know they will never sit.)
To: ShadowAce
Well..... That’s not good.
9 posted on
07/02/2024 11:59:09 AM PDT by
Dead Corpse
(A Psalm in napalm...)
To: ShadowAce
The Register tends to get a little breathless about vulns. This one is very difficult to exploit, but you have to read deep into the article to discover that. Oh well, they deserve the clicks...
11 posted on
07/02/2024 1:43:48 PM PDT by
dayglored
(Strange Women Lying In Ponds Distributing Swords! Arthur Pendragon in 2024)
To: ShadowAce
I run OpenSUSE 15.5. Here is their statement:
“Only SUSE Linux Enterprise 15 SP6, SUSE Linux Micro 6.0, openSUSE Leap 15.6 and openSUSE Tumbleweed were affected by this problem.”
27 posted on
07/03/2024 7:40:40 AM PDT by
steve86
(Numquam accusatus, numquam ad curiam ibit, numquam ad carceremâ„¢)
To: ShadowAce
Not in the Windple duopoly?
We’ll get you, our little pretties!
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson