search

PowerShell / Win32-OpenSSH

Win32 port of OpenSSH
7.36k stars 757 forks source link

Plans on addressing CVE-2024-6387 #2250

Closed V3ct0r-v closed 2 months ago

V3ct0r-v commented 3 months ago

Summary of the new feature / enhancement

Request for Information

Proposed technical implementation details (optional)

CVE-2024-6387 (aka regreSSHion) is a Remote Unauthenticated Code Execution vulnerability in sshd in glibc-based Linux systems, discovered by Qualys.

OpenSSH versions impacted: OpenSSH versions earlier than 4.4p1 OpenSSH versions between 8.5p1 and 9.8p1

Can you please confirm the latest version if v9.5.0.0p1-Beta is vulnerable? Is there a plan to address regreSSHion in an upcoming "production ready" release?

jgard commented 3 months ago

Dupe of https://github.com/PowerShell/Win32-OpenSSH/issues/2249 opened earlier