OpenSSH 9.8 to address CVE-2024-39894 #1551
Labels
security
security concerns
Comments
github-project-automation
bot
moved this to 📝 Needs Triage
in Flatcar tactical, release planning, and roadmap
|
Hi, We didn't have that CVE in our issue list, but thanks for letting us know. @dongsupark, should we have an issue about it? nvd.nist.gov doesn't have much information about it at the first glance. So, 9.8 is still marked as unstable on Gentoo, so as such it was not picked up by us by now. I think that we will do it on Monday, when a new PR with a batch of weekly updates is created. Depending on the severity of the CVE, it may even get backported to other release channels. |
|
I created an issue for that. #1557 It is still not clear how severe that is. No NVD score yet, not that critical according to other distros. |
dongsupark
moved this from 📝 Needs Triage
to 🪵Backlog
in Flatcar tactical, release planning, and roadmap
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Hello,
I'm sure these recent OpenSSH issues are as fun for you as they are for us. :-)
I'm not seeing any mention of an upcoming Flatcar release with OpenSSH 9.8, and I'm staying on top of the release channels.
Any word on when we may expect an updated OS with OpenSSH 9.8?
Thanks kindly!
The text was updated successfully, but these errors were encountered: