OPNsense
  • Home
  • Help
  • Search
  • Login
  • Register

  • OPNsense Forum »
  • English Forums »
  • 24.7 Production Series »
  • CVE-2024-7589 (OpenSSH pre-authentication)
« previous next »
  • Print
Pages: [1]

Author Topic: CVE-2024-7589 (OpenSSH pre-authentication)  (Read 458 times)

InFlammen

  • Newbie
  • *
  • Posts: 2
  • Karma: 1
    • View Profile
CVE-2024-7589 (OpenSSH pre-authentication)
« on: August 12, 2024, 03:11:37 pm »
I believe this urgent patch couldn't make it in 24.7.1 ?  :-\

https://www.freebsd.org/security/advisories/FreeBSD-SA-24:08.openssh.asc
https://thehackernews.com/2024/08/freebsd-releases-urgent-patch-for-high.html
Logged

franco

  • Administrator
  • Hero Member
  • *****
  • Posts: 17607
  • Karma: 1603
    • View Profile
Re: CVE-2024-7589 (OpenSSH pre-authentication)
« Reply #1 on: August 12, 2024, 03:14:29 pm »
We don't build OpenSSH from src.git:

https://github.com/opnsense/tools/blob/382f837cd0d4b0478202ac26c85c4dea5b09d6ee/config/24.7/src.conf#L24

And in ports apparently you need the BLACKLISTD option to be vulnerable for openssh-portable:

# pkg info openssh-portable | grep BLACKLISTD
   BLACKLISTD     : off


Cheers,
Franco
Logged

InFlammen

  • Newbie
  • *
  • Posts: 2
  • Karma: 1
    • View Profile
Re: CVE-2024-7589 (OpenSSH pre-authentication)
« Reply #2 on: August 12, 2024, 03:16:31 pm »
Good to know. Thanks!!!  8)
Logged
  • Print
Pages: [1]
« previous next »
  • OPNsense Forum »
  • English Forums »
  • 24.7 Production Series »
  • CVE-2024-7589 (OpenSSH pre-authentication)
 

OPNsense is an OSS project © Deciso B.V. 2015 - 2024 All rights reserved
  • SMF 2.0.19 | SMF © 2021, Simple Machines
    Privacy Policy     | XHTML | RSS | WAP2