FEDORA-2024-dc89a2e1bf — security update for openssh

stable

openssh-9.6p1-1.fc40.4

FEDORA-2024-dc89a2e1bf created by dbelyavs a year ago for Fedora 40

Backport fix for CVE-2024-6387 (#2294879) Backport fix for ObscureKeystrokeTiming logic error from OpenSSH 9.8

How to install

Updates may require up to 24 hours to propagate to mirrors. If the following command doesn't work, please retry later:

sudo dnf upgrade --refresh --advisory=FEDORA-2024-dc89a2e1bf

This update has been submitted for testing by dbelyavs.

a year ago

This update's test gating status has been changed to 'waiting'.

a year ago

asosedkin provided feedback a year ago

karma

BZ#2294904 CVE-2024-6387 openssh: Possible remote code execution due to a race condition in signal handling [fedora-40]

markec commented & provided feedback a year ago

karma

Thanks! Is f40.4 expected package name here?

imsedgar commented & provided feedback a year ago

karma

Works without problems. I also wonder about the release numbering. I would have expected 5.fc40 instead of 1.fc40.4 . It seams to me that only openssh uses this numbering schema.

This update's test gating status has been changed to 'passed'.

a year ago

markec provided feedback a year ago

karma

This update has been submitted for stable by bodhi.

a year ago

clang commented & provided feedback a year ago

The numbering scheme is fine and supported. Increasing the number after the %{dist} tag ensures a clean upgrade path from 1.fc40 to 1.fc41. This wasn't necessary here, since we will likely not ship 9.6p1-1.fc41 in F41, but I don't think this warrants another rebuild for this important fix.