Date: Tue, 02 Jul 2024 20:53:17 -0600 From: Brett Glass <brett@lariat.net> To: Dan Mahoney <freebsd@gushi.org> Cc: questions@freebsd.org Subject: Re: Close OpenSSH hole on 13.1-RELEASE server without shutting down? Message-ID: <202407030253.UAA07651@mail.lariat.net> In-Reply-To: <BEF296B0-49CF-4A3C-A92D-B115AFC1C127@gushi.org> References: <202407030050.SAA06884@mail.lariat.net> <BEF296B0-49CF-4A3C-A92D-B115AFC1C127@gushi.org>
next in thread | previous in thread | raw e-mail | index | archive | help
At 07:03 PM 7/2/2024, Dan Mahoney wrote: >There is a workaround posted in the security advisory. Unfortunately, the "workaround" is in many ways as bad as the vulnerability, because it exposes you to DoS attacks. >You can also firewall off ssh connections from anywhere but trusted sources. Yep. But if a worm based on this vulnerability begins to propagate, it might get behind the firewall. We really want to patch. --Brett
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202407030253.UAA07651>