Tiny Core Extensions > TCE Talk

openssh 9.6.p1 to mitigate CVE-2023-48795 - Terrapin attack

(1/2) > >>

ovacikar:
Hello,

Current openssh 9.5p1 appear vulnerable to  CVE-2023-48795, I was able to compile openssh 9.6.p1 using the same instructions (except using newest openssl-dev

http://tinycorelinux.net/11.x/x86/tcz/src/openssh/compile_openssh

Should I start preparing a submission, or the original maintainer (juanito) can rather do it?

patrikg:
Why not offload juanito, and submit a extension, he is doing a lot.

ovacikar:
Well I found out the install did not provide the etc/init.d/openssh script. I can run it from bootlocal.sh using existing keys.

So will need to revisit building a tcz.

Rich:
Hi patrikg
That's up to Juanito to decide, not you.

Juanito:
I’m happy to do it, but it’ll be in a couple of weeks time..

Navigation

[0] Message Index

[#] Next page