Re: CVE-2023-51385

Good one, Rob
________________________________
From: MIDRANGE-L <midrange-l-bounces@xxxxxxxxxxxxxxxxxx> on behalf of Rob Berendt <robertowenberendt@xxxxxxxxx>
Sent: Tuesday, April 16, 2024 7:34 AM
To: Midrange Systems Technical Discussion <midrange-l@xxxxxxxxxxxxxxxxxx>
Subject: CVE-2023-51385

Please vote on my idea
https://ibm-power-systems.ideas.ibm.com/ideas/IBMI-I-4051<https://ibm-power-systems.ideas.ibm.com/ideas/IBMI-I-4051>

Upgrade level of OpenSSH from v8.6p1 to one which will pass scanning
services.

We are getting dinged by Qualys that our IBM i is exposed to CVE-2023-51385.

I have applied the fixes listed at
https://www.ibm.com/support/pages/node/7123159<https://www.ibm.com/support/pages/node/7123159> however IBM only chose to
patch an old level of OpenSSH instead of putting on a new level of OpenSSH.
This means NOTHING to the scanning services.

IBM's history in the past has been who gives a <expletive deleted> about
PCI compliance and whatnot? As shown by:
https://ibm-power-systems.ideas.ibm.com/ideas/IBMI-I-1094<https://ibm-power-systems.ideas.ibm.com/ideas/IBMI-I-1094>
--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list
To post a message email: MIDRANGE-L@xxxxxxxxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: https://lists.midrange.com/mailman/listinfo/midrange-l<https://lists.midrange.com/mailman/listinfo/midrange-l>
or email: MIDRANGE-L-request@xxxxxxxxxxxxxxxxxx
Before posting, please take a moment to review the archives
at https://archive.midrange.com/midrange-l<https://archive.midrange.com/midrange-l>.

Please contact support@xxxxxxxxxxxxxxxxxxxx for any subscription related questions.