LinuxQuestions.org - OpenSSH retro updates

- Linux - Security (https://www.linuxquestions.org/questions/linux-security-4/)

- - OpenSSH retro updates (https://www.linuxquestions.org/questions/linux-security-4/openssh-retro-updates-4175447713/)

200mg

01-29-2013 11:57 AM

OpenSSH retro updates

I have recently started doing security scans with openvas and one of the common medium level threats I get are various exploits for OpenSSH. Whats the easiest way to tell if the currently installed version of OpenSSH has been retroactively updated to account for a specific vulnerability?

tronayne

01-29-2013 12:27 PM

Open a terminal. Enter

Code:

ssh -V

That will show you the installed version.

Current version from openssh.com is 6.1 (released August 29, 2012).

Google "openssh" will show you a few places where OpenSSH is maintained and available (but, you'll have to build it from source if you find a bleeding edge version).

Hope this helps some.

unSpawn

01-29-2013 12:31 PM

Grep for CVE's in --changelog?

All times are GMT -5. The time now is 09:44 PM.