A critical‐severity OpenSSH security vulnerability has been disclosed that can lead to remote code execution as root. We have fixed this by upgrading OpenSSH on unstable and backporting a patch fix from upstream to 24.05 and 23.11, and that fix has now reached all the channels. openssh_hpn and openssh_gssapi are also affected and have been patched. If you have an internet‐exposed machine running an OpenSSH server, you should update as soon as possible. If you’re on unstable, you may want to ch...
This is an automated archive made by the Lemmit Bot.
The original was posted on /r/nixos by /u/JSANL on 2024-07-02 11:26:38+00:00.