Hacker News new | ask | show | jobs
by thewisenerd 200 days ago
_if_ you're using ubuntu,

there's the CVE tracker you can use to ~argue~ establish that the versions you're using either aren't affected or, have been patched.

https://ubuntu.com/security/cves

https://ubuntu.com/security/CVE-2023-28531
1 comments
thewisenerd 200 days ago
that said, we've also had the same auditor ask us to remove the openssh version upon telnet (which by RFC 4253, is not possible)

so ymmv

link