I’m running a few Debian stable systems that are up to date on patches.
But I just ran ssh -V and the OpenSSH version listed is “OpenSSH_9.2p1 Debian-2+deb12u3” which as I understand is still vulnerable.
Am I missing something or am I good?
You must log in or register to comment.
PoC on 32 bit requires thousands of authentication attempts, so any sane firewall should protect you against it already. Afaik there isnt any for 64 bit
Never mind, found the Debian security bulletin, my version is patched already.
Leaving this here for any other newbies that might be wondering.
Sorry, all!
That version has been patched.
