You're welcome!
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1732172
Title:
[CVE] Security Vulnerabilities in OpenSSH on Ubuntu 14.04
To manage notifications about this bug go to:
https://bugs.lau
Marc thanks so much for quickly fixing this. I really appreciate this.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1732172
Title:
[CVE] Security Vulnerabilities in OpenSSH on Ubuntu 14.04
To mana
Updated have now been published:
https://usn.ubuntu.com/usn/usn-3538-1/
** Changed in: openssh (Ubuntu)
Status: Incomplete => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1732172
thanks for confirmation
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1732172
Title:
[CVE] Security Vulnerabilities in OpenSSH on Ubuntu 14.04
To manage notifications about this bug go to:
https://
Yes, I've started working on them.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1732172
Title:
[CVE] Security Vulnerabilities in OpenSSH on Ubuntu 14.04
To manage notifications about this bug go t
Hi Marc, Thanks for the update. I hope that your plan to fix these
issues are more or less final. We are transitioning to Ubuntu in our
organization but stuck because of this. Can I tell my users about this
timeline?
--
You received this bug notification because you are a member of Ubuntu
Bugs, w
We will likely be releasing openssh updates that include this issue in
the next couple of weeks.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1732172
Title:
[CVE] Security Vulnerabilities in OpenSS
In the end we just complied this from source to upgrade the version to
OpenSSH 7.4 - not ideal, but easier then upgrading the server for now.
If you can upgrade the server this is the preferred method.
Basically we followed this though:
https://gist.github.com/techgaun/df66d37379df37838482c4c3470
Hi Marc,
We are new to ubuntu and like other are stuck with PCI compliance.
Given that ubuntu will not be providing the patch for above in near future ,can
you let us know any mitigation steps for this. Like installing from Ubuntu17.04
repo or installing it from source?
This would be really help
Hi,
Thanks for commenting on this issue.
We have rated CVE-2016-10009 as a low-priority issue because an attacker
would need to control both the forwarded agent socket and write access
to the filesystem of the host running the agent, an unlikely scenario.
Other Linux distributions have also rated
Is there a way to review CVE-2016-10009 priority in Ubuntu?
According to https://www.cvedetails.com/cve/CVE-2016-10009/ it has CVSS
Score of 7.5 (High) and is easily exploitable. It is a remote code
execution vulnerability in one of the components (openssh server) that
are commonly exposed to outs
Marking as incomplete given the response in comment #3
** Changed in: openssh (Ubuntu)
Status: New => Incomplete
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1732172
Title:
[CVE] Security V
Thanks for taking the time to report this bug and make Ubuntu better. You can
see more information about these CVEs by using the CVE tracker. See
https://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-8858.html
https://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-10009.html
htt
** Tags added: trusty
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1732172
Title:
[CVE] Security Vulnerabilities in OpenSSH on Ubuntu 14.04
To manage notifications about this bug go to:
https://bu
The current installed version is: OpenSSH_6.6.1p1 Ubuntu-2ubuntu2.8
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1732172
Title:
[CVE] Security Vulnerabilities in OpenSSH on Ubuntu 14.04
To manage
15 matches
Mail list logo
