OSVDB-166706

To: debian-security@lists.debian.org
Subject: OSVDB-166706
From: Adam Weremczuk <adamw@matrixscience.com>
Date: Mon, 13 Nov 2017 12:57:48 +0000
Message-id: <[🔎] 613e1ead-3566-e444-6f33-b30bdca06533@matrixscience.com>

Hello,

Our quarterly PCI compliance scan has just challenged us on the following:

https://vulners.com/nessus/OPENSSH_76.NASL

Also referred to as OSVDB-166706.

As it's quite new I can't find much information on it online in terms ofpotential hotfixes and workarounds.

There is no openssh version available for wheezy newer than6.0p1-4+deb7u6 which we currently have installed.


This makes me assuming it's either unimportant or in the makings.

I trust Debian team on security, just need to satisfy the scanner, evenif it's just a plain text convincing explanation...


Can somebody advise please?

Thanks
Adam

Reply to:

Follow-Ups:
- Re: OSVDB-166706
  - From: Bastian Blank <waldi@debian.org>

Prev by Date: Re: HTTPS enabled Debian Security repository
Next by Date: Re: OSVDB-166706
Previous by thread: Re: HTTPS enabled Debian Security repository
Next by thread: Re: OSVDB-166706
Index(es):
- Date
- Thread