* Have ya'll seen the news about the openssh vulnerablity?
@ 2024-07-01 13:01 jbranso
2024-07-01 15:15 ` Felix Lechner via Development of GNU Guix and the GNU System distribution.
0 siblings, 1 reply; 2+ messages in thread
From: jbranso @ 2024-07-01 13:01 UTC (permalink / raw)
To: guix-security, guix-devel
Heyo,
Have you all seen this new openssh vulnerability?
Is guix affected?
https://blog.qualys.com/vulnerabilities-threat-research/2024/07/01/regresshion-remote-unauthenticated-code-execution-vulnerability-in-openssh-server
Thanks,
Joshua
^ permalink raw reply [flat|nested] 2+ messages in thread
* Re: Have ya'll seen the news about the openssh vulnerablity?
2024-07-01 13:01 Have ya'll seen the news about the openssh vulnerablity? jbranso
@ 2024-07-01 15:15 ` Felix Lechner via Development of GNU Guix and the GNU System distribution.
0 siblings, 0 replies; 2+ messages in thread
From: Felix Lechner via Development of GNU Guix and the GNU System distribution. @ 2024-07-01 15:15 UTC (permalink / raw)
To: jbranso, guix-security, guix-devel
Hi Joshua,
On Mon, Jul 01 2024, jbranso@dismail.de wrote:
> Is guix affected?
Yes, our version is affected. While the vulnerability is "critical,"
however, the note also states that the exploit has not yet been
demostrated on 64-bit systems, which are the most common today.
Also, this release disables DSA keys "at compile time." Not sure how
that's different from before but it may be helpful to inlude a NEWS
entry.
Kind regards
Felix
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2024-07-01 15:16 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2024-07-01 13:01 Have ya'll seen the news about the openssh vulnerablity? jbranso
2024-07-01 15:15 ` Felix Lechner via Development of GNU Guix and the GNU System distribution.
Code repositories for project(s) associated with this public inbox
https://git.savannah.gnu.org/cgit/guix.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).