I'm a Yocto noob so apologies if this is an obvious question. I was just checking our usage of OpenSSH because of https://www.cvedetails.com/cve/CVE-2023-38408/ and it appears:

1. We're using a vulnerable version (9.3p1 on main, 8.9p1 on Kirkstone/LTS)
2. The ForwardAgent feature is enabled by default (https://git.yoctoproject.org/poky/tree/meta/recipes-connectivity/openssh/openssh/ssh_config)

There doesn't seem to be a bug for this yet (https://bugzilla.yoctoproject.org/buglist.cgi?quicksearch=openssh). So what's the process? Is this already being worked on somewhere or should I upgrade the version? If the latter should I do this on Kirkstone (which is what we're using) then main?

Thanks.

Refs:
https://git.yoctoproject.org/poky/tree/meta/recipes-connectivity/openssh/openssh_8.9p1.bb?h=kirkstone
https://git.yoctoproject.org/poky/tree/meta/recipes-connectivity/openssh/openssh_9.3p1.bb

--
Tom Isaacson
