Vonng / pigsty

Free RDS for PostgreSQL —— Pigsty
https://pigsty.io
GNU Affero General Public License v3.0

Fix CVE-2024-6387 by installing the latest openssh-server #435

Closed Vonng closed 2 months ago

Vonng commented 3 months ago

CVE-2024-6387: https://nvd.nist.gov/vuln/detail/CVE-2024-6387

Which affects OSes used by Pigsty:

RockyLinux 9+: https://rockylinux.org/news/2024-07-01-openssh-sigalrm-regression

Debian 12+: https://security-tracker.debian.org/tracker/CVE-2024-6387

Ubuntu 22.04+: https://ubuntu.com/security/CVE-2024-6387

To address this, we have to download & install openssh-server during installation.

saintak commented 2 months ago

AlmaLinux OS 9+: https://almalinux.org/blog/2024-07-01-almalinux-9-cve-2024-6387/

Vonng commented 2 months ago

Resolved; openssh-server is now auto-updated to the latest available version during installation.
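
One way to confirm on a node that the upgraded openssh-server carries the fix, as an added example that is not part of this thread or of Pigsty's code: it checks the installed package's changelog for the CVE id, which also works when a distribution backports the patch without changing the upstream version. Function names are hypothetical, and it assumes the distribution's changelog names the CVE and that Debian/Ubuntu keep it at the path shown.

```shell
#!/bin/sh
# Added example: post-upgrade check for the distro families named in this issue.
CVE_ID="CVE-2024-6387"

# Print the (unquoted) value of one key from os-release text on stdin.
os_field() {
  sed -n "s/^$1=//p" | head -n 1 | tr -d '"'
}

# Map os-release text ($1) to a package family: rpm, deb or unknown.
pkg_family() {
  id=$(printf '%s\n' "$1" | os_field ID)
  like=$(printf '%s\n' "$1" | os_field ID_LIKE)
  case " $id $like " in
    *" debian "*|*" ubuntu "*) echo deb ;;
    *" rhel "*|*" rocky "*|*" almalinux "*|*" fedora "*) echo rpm ;;
    *) echo unknown ;;
  esac
}

# Succeed if the changelog text on stdin references the CVE.
changelog_mentions_cve() {
  grep -qF "$CVE_ID"
}

# Print the installed openssh-server changelog for a package family ($1).
read_changelog() {
  case "$1" in
    rpm) rpm -q --changelog openssh-server ;;
    # Assumed location of the packaged changelog on Debian/Ubuntu.
    deb) zcat /usr/share/doc/openssh-server/changelog.Debian.gz ;;
    *)   return 2 ;;
  esac
}

# Check the local host; returns non-zero when the fix cannot be confirmed.
check_host() {
  fam=$(pkg_family "$(cat /etc/os-release)")
  if read_changelog "$fam" | changelog_mentions_cve; then
    echo "openssh-server ($fam): changelog references $CVE_ID"
  else
    echo "openssh-server ($fam): $CVE_ID not found in changelog" >&2
    return 1
  fi
}

# Run the check only when asked, e.g. `sh check.sh --check`.
if [ "${1:-}" = "--check" ]; then check_host; fi
```

sshd processes started before the upgrade keep running the old binary until the service is restarted, so restart sshd after a successful check.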