On Fri, 12 Apr 2019 15:35:55 +0800, Timothy Sipples wrote: >Paul Jodlowski wrote: >>Currently OpenSSH is at 6.4p1, I have been asked by our >>Network Security Team to upgrade to OpenSSH 7.4. > >That's an "amusing" recommendation from your Network Security Team. Unless >security patches have been backported and applied to a particular >distribution of OpenSSH, OpenSSH 7.4p1 has at least three known security >vulnerabilities that I see: CVE-2018-15919, CVE-2018-15473, and >CVE-2017-15906. > I find these mentioned at site:ibm.com, mostly referring to AIX and IBM i. Can the OP find relevant APARs/PTFs to show Security Team?
-- gil ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
