Need fix for CVE-2024-6409

flatcar / Flatcar

Flatcar project repository for issue tracking, project documentation, etc.

https://www.flatcar.org/

Apache License 2.0

767 stars 32 forks source link

Need fix for CVE-2024-6409 #1542

Closed RicMackie closed 2 months ago

RicMackie commented 2 months ago

Just looking for a timeline for a release that addresses this CVE, please. Thank you!

tormath1 commented 2 months ago

Hello @RicMackie,

I checked and this CVE seems to only concern RHEL downstream patches^1:

It's disappointing that this CVE states that this is a vulnerability in OpenSSH sshd, and fails to make clear that this only affects Redhat versions and users of their downstream patch.

dongsupark commented 2 months ago

Nothing to do, feel free to reopen if there is any remaining issue.