I’m running a few Debian stable systems that are up to date on patches.
But I just ran ssh -V and the OpenSSH version listed is “OpenSSH_9.2p1 Debian-2+deb12u3” which as I understand is still vulnerable.
Am I missing something or am I good?
I’m running a few Debian stable systems that are up to date on patches.
But I just ran ssh -V and the OpenSSH version listed is “OpenSSH_9.2p1 Debian-2+deb12u3” which as I understand is still vulnerable.
Am I missing something or am I good?
Never mind, found the Debian security bulletin, my version is patched already.
Leaving this here for any other newbies that might be wondering.
Sorry, all!
“oh but Debian only has old stuff” , yeah sure. :P
LTS means security fixes, but little else if any. good luck if you need a feature that came out a year ago it’s not in the repo yet