A severe vulnerability in OpenSSH, dubbed "regreSSHion" (CVE-2024-6387), has been discovered by the Qualys Threat Research Unit, potentially exposing

cross-posted from: https://lemmy.pt/post/5733711

A severe vulnerability in OpenSSH, dubbed “regreSSHion” (CVE-2024-6387), has been discovered by the Qualys Threat Research Unit, potentially exposing

  • Telorand@reddthat.com
    14·
    3 days ago

    They could get RasPis below 4th gen running outdated software, I guess. I think I read elsewhere that Debian already had a patch out some time ago, so that number is also likely diminishingly small.

    • d_k_bo@feddit.org
      7·
      3 days ago

      I have no idea when I last updated my RasPi 0s (none of which is exposed to the public).

      • oKtosiTe@lemmy.world
        4·
        3 days ago

        Most images and distros are just Raspbian at their core and as such are pretty easy to upgrade.

        I upgraded my homebridge/pihole from Bullseye to Bookworm just a few days ago and it went off without a hitch.

        • IceFoxX@lemm.ee
          3·
          2 days ago

          Did the same with raspi3… It broke too many things for me and couldn’t be restarted. I then completely reinstalled it.

          • oKtosiTe@lemmy.world
            1·
            2 days ago

            Aww that sucks. To be fair I did take a full image backup before attempting the upgrade in case something went awry.

            • IceFoxX@lemm.ee
              2·
              1 day ago

              I also had a complete backup, but I was also considering reinstalling it at the time anyway. Accordingly, only partially restored data. But you should definitely make a backup, that’s true.