Gil: I have not found any APARs/PTFs for z/OS. I will probably just stop the OpenSSH services (as I started for a proof of concept with CyberArk)
Thanks all for your suggestions -----Original Message----- From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On Behalf Of Paul Gilmartin Sent: Friday, April 12, 2019 11:35 AM To: IBM-MAIN@LISTSERV.UA.EDU Subject: Re: OpenSSH upgrade option On Fri, 12 Apr 2019 15:35:55 +0800, Timothy Sipples wrote: >Paul Jodlowski wrote: >>Currently OpenSSH is at 6.4p1, I have been asked by our Network >>Security Team to upgrade to OpenSSH 7.4. > >That's an "amusing" recommendation from your Network Security Team. >Unless security patches have been backported and applied to a >particular distribution of OpenSSH, OpenSSH 7.4p1 has at least three >known security vulnerabilities that I see: CVE-2018-15919, >CVE-2018-15473, and CVE-2017-15906. > I find these mentioned at site:ibm.com, mostly referring to AIX and IBM i. Can the OP find relevant APARs/PTFs to show Security Team? -- gil ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN