影响OpenSSH:9.3p2版本以下版本,
请问升级能解决这个漏洞问题吗?
What is a CVE ID? You can check the openEuler CVE Security Vulnerability List | Security Information | openEuler Community to see if the fix has been merged; upgrading the version is not always necessary.
| OpenSSH 命令注入漏洞(CVE-2020-15778) |
|---|
| OpenSSH 安全漏洞(CVE-2021-28041) |
| OpenSSH 安全漏洞(CVE-2023-38408) |
你的啥版本?
没有呢
[root@openeuler2203 ~]# sshd --help
unknown option – -
OpenSSH_8.8p1, OpenSSL 1.1.1wa 16 Nov 2023
usage: sshd [-46DdeiqTt] [-C connection_spec] [-c host_cert_file]
[-E log_file] [-f config_file] [-g login_grace_time]
[-h host_key_file] [-o option] [-p port] [-u len]
[root@openeuler2203 ~]# rpm -ql openssh --changelog |grep 38408
- CVE:CVE-2023-38408
- DESC:fix CVE-2023-38408
[root@openeuler2203 ~]# cat /etc/os-release
NAME=“openEuler”
VERSION=“22.03 (LTS-SP4)”
ID=“openEuler”
VERSION_ID=“22.03”
PRETTY_NAME=“openEuler 22.03 (LTS-SP4)”
ANSI_COLOR=“0;31”