openssh outdated by 8.2
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
openssh (Ubuntu) |
Fix Released
|
High
|
Colin Watson |
Bug Description
Hi,
yeah, it's not yet a bug, but it will become a (security) bug within lifetime of 20.04 if not 'fixed'.
Currently openssh for Ubuntu 20.04 is still on 8.1p1, while upstream the version 8.2 has just been released:
https:/
It comes with important security updates, e.g. not accepting SHA-1 for key generation/
It would be important (and nice) to have these improvements of security in Ubuntu 20.04.
It might not yet be seen as a security vulnerability, but it will probably become one soon.
Thanks
tags: | added: upgrade-software-version |
Changed in openssh (Ubuntu): | |
status: | In Progress → Fix Committed |
Hi Hadmut,
we had the same discussion over the weekend if 8.2 would be good to have in 20.04.
I subscribed cjwatson who usually does openssh updates to comment on his intentions in this regard.