- Security - AlmaLinux List Archives

OpenSSH Vulnerability CVE-2024-6409
by Neil Coils 10 Jul '24

10 Jul '24

Good Morning, We’ve just been made aware of a possible new OpenSSH Vulnerability CVE-2024-6409 https://thehackernews.com/2024/07/new-openssh-vulnerability-discovered.html Can you please confirm if CVE-2024-6409 is covered by the update delivered for CVE-2024-6387 (aka RegreSSHion) or are we looking at a new vulnerability that will require a new update. If a new update is required are there any details or release dates available. We are currently running OpenSSH_8.7p1 on AlmaLinux release 9.4 (Seafoam Ocelot) Thanks for your help with this matter. Best Regards Neil Coils Pervade Software Mob: +44 7740451604<tel:+447740451604> Email: neil(a)pervade-software.com<mailto:neil@pervade-software.com> Web: www.pervade-software.com<http://www.pervade-software.com/> This email contains proprietary and confidential information which may be legally privileged, and is for the intended recipient only. The contents of any telephone or face-to-face conversations relating to the same subject matters referenced in this email should also be considered proprietary and confidential. Access, disclosure, copying, distribution, or reliance on any of it by anyone else is prohibited and may be a criminal offence. Please delete if obtained in error and email confirmation to the sender. Pervade Software Ltd, Registered in England & Wales No: 07060728 of Temple Court, 13a Cathedral Road, Cardiff, CF11 9HA. VAT No: 128 8405 03 Tel: 02920 647 632 Email: info(a)pervade-software.com<mailto:info@pervade-software.com>

2 2

AlmaLinux 9 OpenSSH "regreSSHion" CVE-2024-6387
by Jonathan Wright 10 Jul '24

10 Jul '24

Hello, We have published updates for OpenSSH's "regreSSHion" vulnerability, CVE-2024-6387. Please see the blog post at https://f89ae520.almalinux-org.pages.dev/blog/2024-07-01-almalinux-9-cve-20… for more information. -- Jonathan Wright AlmaLinux Foundation Mattermost: chat <https://chat.almalinux.org/almalinux/messages/@jonathan>

6 7

[Ticket ID: 190306] Re: OpenSSH Vulnerability- CVE identifier CVE-2024-6387
by Cybrancee Web Hosting Support 01 Jul '24

01 Jul '24

Can someone just remove us from this list, we didn't sign up to it. ---------------------------------------------- Ticket ID: #190306 Subject: [Security] Re: OpenSSH Vulnerability- CVE identifier CVE-2024-6387 Status: Answered Ticket URL: https://cybrancee.com/client/viewticket.php?tid=190306&c=Sf8JmXTV ----------------------------------------------

1 0

[Ticket ID: 190306] Re: OpenSSH Vulnerability- CVE identifier CVE-2024-6387
by Cybrancee Web Hosting Support 01 Jul '24

01 Jul '24

Jonathan Wright, Thank you for contacting our support team. A support ticket has now been opened for your request. You will be notified when a response is made by email. The details of your ticket are shown below. Subject: [Security] Re: OpenSSH Vulnerability- CVE identifier CVE-2024-6387 Priority: Medium Status: Open You can view the ticket at any time at https://cybrancee.com/client/viewticket.php?tid=190306&c=Sf8JmXTV --- Cybrancee https://cybrancee.com

1 0

OpenSSH Vulnerability- CVE identifier CVE-2024-6387
by Neil Coils 01 Jul '24

01 Jul '24

Hi, Is there a recommendation for AlmaLinux 9 users regarding this ‘OpenSSH Vulnerability- CVE identifier CVE-2024-6387’ Thanks & Regards Neil Coils Pervade Software Mob: +44 7740451604<tel:+447740451604> Email: neil(a)pervade-software.com<mailto:neil@pervade-software.com> Web: www.pervade-software.com<http://www.pervade-software.com/> This email contains proprietary and confidential information which may be legally privileged, and is for the intended recipient only. The contents of any telephone or face-to-face conversations relating to the same subject matters referenced in this email should also be considered proprietary and confidential. Access, disclosure, copying, distribution, or reliance on any of it by anyone else is prohibited and may be a criminal offence. Please delete if obtained in error and email confirmation to the sender. Pervade Software Ltd, Registered in England & Wales No: 07060728 of Temple Court, 13a Cathedral Road, Cardiff, CF11 9HA. VAT No: 128 8405 03 Tel: 02920 647 632 Email: info(a)pervade-software.com<mailto:info@pervade-software.com>

3 2

OpenSSH policies / system crypto policy equivalence
by Francesco Di Nucci 20 Jun '24

20 Jun '24

Hello, I am trying to write a crypto policy modifier to disable some kex algorithms in OpenSSH (not the one in the example, but the issue is the same). Reading //usr/share/crypto-policies/python/policygenerators/openssh.py/, I find mappings like /'ECDHE-SECP521R1-SHA2-512': 'ecdh-sha2-nistp521'/, so I tried to write in a pmod /key_exchange = -ECDHE-SECP521R1-SHA2-512/ When I try to load it with update-crypto-policies, it fails stating /Bad value of policy property `key_exchange`: `ECDHE-SECP521R1-SHA2-512`/, and in fact If I check //usr/share/crypto-policies/python/cryptopolicies/alg_lists.py, /ECDHE-SECP521R1-SHA2-512 is not defined there. So, how can I disable in OpenSSH kex/algorithms/etc that are defined in //usr/share/crypto-policies/python/policygenerators/openssh.py /but not in //usr/share/crypto-policies/python/cryptopolicies/alg_lists.py?/ Best regards Francesco Di Nucci

1 0

Hello
by ray 01 May '24

01 May '24

1 0

AlmaLinux 9 - OpenSSh vulnerability
by Sujith PK 29 Apr '24

29 Apr '24

Hi Team, We are reaching out to inquire about the reported vulnerabilities in the OpenSSH version (openssh.x86_64 8.7p1-34.el9_3.3) on AlmaLinux 9.We would like to know whether the fixes are included same like redaht in the version of openssh.x86_64 8.7p1-34.el9_3.3? CVE-2023-48795, CVE-2023-51385 and CVE-2023-51384. Thanks & Regards, Sujith P K CIO Global Server Management [Shape Description automatically generated with medium confidence] 3rd Floor, Wing B WTC2 Bagmane World Technology Center SEZ Marathahalli Outer Ring Road, Mahadevapura, Bangalore 560 048, India [cid:image002.gif@01DA970B.9E2E2670]<mailto:> +91- 8971692387 | sujith.pk(a)mphasis.com<mailto:sujith.pk@mphasis.com> www.mphasis.com<http://www.mphasis.com/> Information Transmitted by this Email is Proprietary to Mphasis, its Associated Companies and/or its Customers and is Intended for use only by the Individual or Entity to which it is Addressed, and may contain Information that is Privileged, Confidential or Exempt from Disclosure under Applicable Law. If you are not the Intended Recipient or it appears that this Email has been Forwarded to you without proper Authority, you are Notified that any use or Dissemination of this Information in any manner is Strictly Prohibited. In such cases, please Notify us Immediately at mailmaster(a)mphasis.com and delete this Email from your Records.

2 2

Air gapped updates
by Kevin Huntly 23 Feb '24

23 Feb '24

Hello, I have an air gapped system that requires updating. It is 9.3, and I'm just not sure where to get update packages for transfer into the secure area. Any ideas?

2 1

Re: Fwd: Question regarding ALSA-2023:5244
by Adam Stackhouse 30 Oct '23

30 Oct '23

Hi, Thanks that's great to know, good job it planned reboots then. Thanks for your time on this and have a good day On Mon, 30 Oct 2023, 16:14 Andrew Lukoshko, <alukoshko(a)almalinux.org> wrote: > Hello. > > Our kernel version 4.18.0-477.27.1.el8_8 was released without > CVE-2023-3390 and CVE-2023-20593 fixes, that's why additional kernel > release version 4.18.0-477.27.2.el8_8 was necessary. > So our kernel 4.18.0-477.27.2.el8_8 corresponds to RHEL's > 4.18.0-477.27.1.el8_8. > > -- > Best Regards, > > Andrew Lukoshko | AlmaLinux OS Architect > > On Sunday, Oct 22, 2023 at 6:52 PM, Jonathan Wright < > jonathan(a)almalinux.org> wrote: > Copying @Andrew Lukoshko <alukoshko(a)almalinux.org> to make sure he sees > this. > > On Sun, Oct 22, 2023 at 11:05 AM Adam Stackhouse <adstak(a)gmail.com> wrote: > >> Hi, >> >> Wondering if this is a better place to ask this question regarding a >> kernel release for ALSA-2023:5244 >> >> Original question should be below as a forwarded message to save writing >> it out again. >> >> Thanks in advance for any help regarding this and If you require anymore >> info feel free to reach out. >> >> >> ---------- Forwarded message --------- >> From: Adam Stackhouse <adstak(a)gmail.com> >> Date: Wed, 18 Oct 2023, 10:13 >> Subject: Question regarding ALSA-2023:5244 >> To: <packager(a)almalinux.org> >> >> >> Hi, >> >> I have noticed a slight difference with the kernel release for Alma >> compared to rocky and rhel for example. I was writing to ask if this is an >> expected diverge because of the recent centos repo issues or a mistake from >> the auto generated errata and updateinfo for the package. >> >> The question is on the errata page for --> >> https://errata.almalinux.org/8/ALSA-2023-5244.html >> >> The required kernel version is 4.18.0-477.27.2.el8_8 and this is >> reflected in the updateinfo in the repo however looking to "upstream" and >> alteratives like rocky you can see the same security advisory id generated >> from rhel is showing the required kernel version to be >> --> 4.18.0-477.27.1.el8_8 >> >> So as you can see I am just wondering if this is a mistake in the >> generated output for Alma or an expected diverge as the difference to me is >> rebooting thousands of servers or not to apply security updates :D >> >> Sources for security advisories from rocky and rhel: >> >> Rhel --> https://access.redhat.com/errata/RHSA-2023:5244 >> Rocky --> https://errata.rockylinux.org/RLSA-2023:5244 >> >> Any questions let me know >> _______________________________________________ >> Security mailing list -- security(a)lists.almalinux.org >> To unsubscribe send an email to security-leave(a)lists.almalinux.org >> > > > -- > Jonathan Wright > AlmaLinux Foundation > Mattermost: chat <https://chat.almalinux.org/almalinux/messages/@jonathan> > >

1 0