CVE-2024-7589 (OpenSSH pre-authentication)

Main Menu

Welcome to OPNsense Forum.
Log in
Sign up

OPNsense Forum
► English Forums
► 24.7, 24.10 Production Series
► CVE-2024-7589 (OpenSSH pre-authentication)

CVE-2024-7589 (OpenSSH pre-authentication)

Started by InFlammen, August 12, 2024, 03:11:37 PM

Previous topic - Next topic

Print

Go Down Pages1

InFlammen
Newbie
Posts 2
Logged

CVE-2024-7589 (OpenSSH pre-authentication)

August 12, 2024, 03:11:37 PM

I believe this urgent patch couldn't make it in 24.7.1 ? :-\

https://www.freebsd.org/security/advisories/FreeBSD-SA-24:08.openssh.asc
https://thehackernews.com/2024/08/freebsd-releases-urgent-patch-for-high.html

franco
Administrator
Hero Member
Posts 18,052
Location: Germany
Logged

Re: CVE-2024-7589 (OpenSSH pre-authentication)

August 12, 2024, 03:14:29 PM #1

We don't build OpenSSH from src.git:

https://github.com/opnsense/tools/blob/382f837cd0d4b0478202ac26c85c4dea5b09d6ee/config/24.7/src.conf#L24

And in ports apparently you need the BLACKLISTD option to be vulnerable for openssh-portable:

# pkg info openssh-portable | grep BLACKLISTD
BLACKLISTD : off

Cheers,
Franco

InFlammen
Newbie
Posts 2
Logged

Re: CVE-2024-7589 (OpenSSH pre-authentication)

August 12, 2024, 03:16:31 PM #2

Good to know. Thanks!!! 8)

Print

Go Up Pages1

OPNsense Forum
► English Forums
► 24.7, 24.10 Production Series
► CVE-2024-7589 (OpenSSH pre-authentication)

User actions

Print