search

sonic-net / sonic-buildimage

Scripts which perform an installable binary image build for SONiC
Other
718 stars 1.38k forks source link

Inquiry about OpenSSH version 1:8.4p1-5+deb11u1+fips and CVE-2024-6387 #19441

Open littlespace opened 2 months ago

littlespace commented 2 months ago

Hello,

Can you confirm if OpenSSH version 1:8.4p1-5+deb11u1+fips used in the SONiC image is affected by CVE-2024-6387?

Thank you.

prgeor commented 2 months ago

@zhangyanzhao can you please check if this needs to be triaged separately for security issues. @qiluo-msft fyi