[DragonFlyBSD - Bug #3403] update crypto/openssh to 10.0
bugtracker-admin at leaf.dragonflybsd.org
bugtracker-admin at leaf.dragonflybsd.org
Tue Feb 24 09:29:50 PST 2026
Issue #3403 has been updated by pmjdebruijn.
Currently OpenSSH 9.8 seems to be missing at least:
CVE-2025-26465.patch
fix-disable-forwarding.patch
http://deb.debian.org/debian/pool/main/o/openssh/openssh_9.2p1-2+deb12u7.debian.tar.xz
OpenSSH 9.1 in DF6.4 is probably missing more, so it probably makes sense to backport 9.8 to DF6.4 with the patches above.
----------------------------------------
Bug #3403: update crypto/openssh to 10.0
http://bugs.dragonflybsd.org/issues/3403#change-14644
* Author: pmjdebruijn
* Status: New
* Priority: Normal
* Target version: 6.6
* Start date: 2026-02-24
----------------------------------------
It seems OpenSSH 10.0 and further are free of vulnerabilities (though I'm not sure what specifically applies to DragonFly):
https://www.openssh.org/security.html
Sticking to 10.0 (and not further) may be beneficial, as it would allow you to pull backported security fixes from (for example) Debian Trixie, which could easy maintenance load...
--
You have received this notification because you have either subscribed to it, or are involved in it.
To change your notification preferences, please click here: http://bugs.dragonflybsd.org/my/account
More information about the Bugs
mailing list