- Security - AlmaLinux List Archives

Httpd vulnerability
by Simon Dodd 09 Oct '24

09 Oct '24

Good morning, There was a new high vulnerability for apache released last week for version 2.4.57-11.el9_4 which is resolved in 2.4.57-11.el9_4.1 I have tried running an update but there is nothing available as of yet for this. Will this be added to the repository soon or should we update manually? Thanks -- Kindest regards, Simon Dodd Customer Systems Engineer Pervade Software Tel: +44 1327 304 843 Email: simon(a)pervade-software.com<mailto:simon@pervade-software.com> Web: www.pervade-software.com<http://www.pervade-software.com/> This email contains proprietary and confidential information which may be legally privileged, and is for the intended recipient only. The contents of any telephone or face-to-face conversations relating to the same subject matters referenced in this email should also be considered proprietary and confidential. Access, disclosure, copying, distribution, or reliance on any of it by anyone else is prohibited and may be a criminal offence. Please delete if obtained in error and email confirmation to the sender. Pervade Software Ltd, Registered in England & Wales No: 07060728 of Temple Court, 13a Cathedral Rd, Cardiff, UK, CF11 9HA. VAT No: 128 8405 03 Tel: 02920 647 632 Email: info(a)pervade-software.com<mailto:info@pervade-software.com>

3 2

Severe Unauthenticated RCE Flaw (CVSS 9.9) in GNU/Linux Systems - Awaiting Full Disclosure
by security＠ceo-vision.com 25 Sep '24

25 Sep '24

Hello everyone, As you may know, for reference : - https://cybersecuritynews.com/critical-unauthenticated-rce-flaw/ - https://threadreaderapp.com/thread/1838169889330135132.html It may be something big in the next few days

1 0

OpenSSH Vulnerability CVE-2024-6409
by Neil Coils 10 Jul '24

10 Jul '24

Good Morning, We’ve just been made aware of a possible new OpenSSH Vulnerability CVE-2024-6409 https://thehackernews.com/2024/07/new-openssh-vulnerability-discovered.html Can you please confirm if CVE-2024-6409 is covered by the update delivered for CVE-2024-6387 (aka RegreSSHion) or are we looking at a new vulnerability that will require a new update. If a new update is required are there any details or release dates available. We are currently running OpenSSH_8.7p1 on AlmaLinux release 9.4 (Seafoam Ocelot) Thanks for your help with this matter. Best Regards Neil Coils Pervade Software Mob: +44 7740451604<tel:+447740451604> Email: neil(a)pervade-software.com<mailto:neil@pervade-software.com> Web: www.pervade-software.com<http://www.pervade-software.com/> This email contains proprietary and confidential information which may be legally privileged, and is for the intended recipient only. The contents of any telephone or face-to-face conversations relating to the same subject matters referenced in this email should also be considered proprietary and confidential. Access, disclosure, copying, distribution, or reliance on any of it by anyone else is prohibited and may be a criminal offence. Please delete if obtained in error and email confirmation to the sender. Pervade Software Ltd, Registered in England & Wales No: 07060728 of Temple Court, 13a Cathedral Road, Cardiff, CF11 9HA. VAT No: 128 8405 03 Tel: 02920 647 632 Email: info(a)pervade-software.com<mailto:info@pervade-software.com>

2 2

AlmaLinux 9 OpenSSH "regreSSHion" CVE-2024-6387
by Jonathan Wright 10 Jul '24

10 Jul '24

Hello, We have published updates for OpenSSH's "regreSSHion" vulnerability, CVE-2024-6387. Please see the blog post at https://f89ae520.almalinux-org.pages.dev/blog/2024-07-01-almalinux-9-cve-20… for more information. -- Jonathan Wright AlmaLinux Foundation Mattermost: chat <https://chat.almalinux.org/almalinux/messages/@jonathan>

6 7

[Ticket ID: 190306] Re: OpenSSH Vulnerability- CVE identifier CVE-2024-6387
by Cybrancee Web Hosting Support 02 Jul '24

02 Jul '24

Can someone just remove us from this list, we didn't sign up to it. ---------------------------------------------- Ticket ID: #190306 Subject: [Security] Re: OpenSSH Vulnerability- CVE identifier CVE-2024-6387 Status: Answered Ticket URL: https://cybrancee.com/client/viewticket.php?tid=190306&c=Sf8JmXTV ----------------------------------------------

1 0

[Ticket ID: 190306] Re: OpenSSH Vulnerability- CVE identifier CVE-2024-6387
by Cybrancee Web Hosting Support 01 Jul '24

01 Jul '24

Jonathan Wright, Thank you for contacting our support team. A support ticket has now been opened for your request. You will be notified when a response is made by email. The details of your ticket are shown below. Subject: [Security] Re: OpenSSH Vulnerability- CVE identifier CVE-2024-6387 Priority: Medium Status: Open You can view the ticket at any time at https://cybrancee.com/client/viewticket.php?tid=190306&c=Sf8JmXTV --- Cybrancee https://cybrancee.com

1 0

OpenSSH Vulnerability- CVE identifier CVE-2024-6387
by Neil Coils 01 Jul '24

01 Jul '24

Hi, Is there a recommendation for AlmaLinux 9 users regarding this ‘OpenSSH Vulnerability- CVE identifier CVE-2024-6387’ Thanks & Regards Neil Coils Pervade Software Mob: +44 7740451604<tel:+447740451604> Email: neil(a)pervade-software.com<mailto:neil@pervade-software.com> Web: www.pervade-software.com<http://www.pervade-software.com/> This email contains proprietary and confidential information which may be legally privileged, and is for the intended recipient only. The contents of any telephone or face-to-face conversations relating to the same subject matters referenced in this email should also be considered proprietary and confidential. Access, disclosure, copying, distribution, or reliance on any of it by anyone else is prohibited and may be a criminal offence. Please delete if obtained in error and email confirmation to the sender. Pervade Software Ltd, Registered in England & Wales No: 07060728 of Temple Court, 13a Cathedral Road, Cardiff, CF11 9HA. VAT No: 128 8405 03 Tel: 02920 647 632 Email: info(a)pervade-software.com<mailto:info@pervade-software.com>

3 2

OpenSSH policies / system crypto policy equivalence
by Francesco Di Nucci 20 Jun '24

20 Jun '24

Hello, I am trying to write a crypto policy modifier to disable some kex algorithms in OpenSSH (not the one in the example, but the issue is the same). Reading //usr/share/crypto-policies/python/policygenerators/openssh.py/, I find mappings like /'ECDHE-SECP521R1-SHA2-512': 'ecdh-sha2-nistp521'/, so I tried to write in a pmod /key_exchange = -ECDHE-SECP521R1-SHA2-512/ When I try to load it with update-crypto-policies, it fails stating /Bad value of policy property `key_exchange`: `ECDHE-SECP521R1-SHA2-512`/, and in fact If I check //usr/share/crypto-policies/python/cryptopolicies/alg_lists.py, /ECDHE-SECP521R1-SHA2-512 is not defined there. So, how can I disable in OpenSSH kex/algorithms/etc that are defined in //usr/share/crypto-policies/python/policygenerators/openssh.py /but not in //usr/share/crypto-policies/python/cryptopolicies/alg_lists.py?/ Best regards Francesco Di Nucci

1 0

Hello
by ray 01 May '24

01 May '24

1 0

AlmaLinux 9 - OpenSSh vulnerability
by Sujith PK 29 Apr '24

29 Apr '24

Hi Team, We are reaching out to inquire about the reported vulnerabilities in the OpenSSH version (openssh.x86_64 8.7p1-34.el9_3.3) on AlmaLinux 9.We would like to know whether the fixes are included same like redaht in the version of openssh.x86_64 8.7p1-34.el9_3.3? CVE-2023-48795, CVE-2023-51385 and CVE-2023-51384. Thanks & Regards, Sujith P K CIO Global Server Management [Shape Description automatically generated with medium confidence] 3rd Floor, Wing B WTC2 Bagmane World Technology Center SEZ Marathahalli Outer Ring Road, Mahadevapura, Bangalore 560 048, India [cid:image002.gif@01DA970B.9E2E2670]<mailto:> +91- 8971692387 | sujith.pk(a)mphasis.com<mailto:sujith.pk@mphasis.com> www.mphasis.com<http://www.mphasis.com/> Information Transmitted by this Email is Proprietary to Mphasis, its Associated Companies and/or its Customers and is Intended for use only by the Individual or Entity to which it is Addressed, and may contain Information that is Privileged, Confidential or Exempt from Disclosure under Applicable Law. If you are not the Intended Recipient or it appears that this Email has been Forwarded to you without proper Authority, you are Notified that any use or Dissemination of this Information in any manner is Strictly Prohibited. In such cases, please Notify us Immediately at mailmaster(a)mphasis.com and delete this Email from your Records.

2 2