Share via

new Ubuntu deployed today, still had old openssh-server, will Azure update the base container? CVE-2006-5051

Paul Bent 20 Reputation points
2024-07-19T15:14:43.8766667+00:00

I deployed a new Ubuntu 24.04 this morning. This base image right from Azure still has OpenSSH 9.6 (SSH-2.0-OpenSSH_9.6p1 Ubuntu-3ubuntu13.4), isn't that a problem? CVE-2006-5051

How many Azure containers are at risk if they were installed and not patched? The apt update/upgrade still shows the most current version, not the patched version.

https://ubuntu.com/blog/ubuntu-regresshion-security-fix

Or am I missing something?

#openssh #sshd #security #openforwork

Azure Web Application Firewall
Accepted answer
  1. deherman-MSFT 36,431 Reputation points Microsoft Employee
    2024-07-19T21:54:09.39+00:00

    @Paul Bent
    The answer given here does a good job explaining this. I believe you are referring to CVE-2024-6387, which is patched for 24.04 in 1:9.6p1-3ubuntu13.3.

    User's image

    If you still have questions, please let us know in the "comments" and we would be happy to help you. Comment is the fastest way of notifying the experts.

    If the answer has been helpful, we appreciate hearing from you and would love to help others who may have the same question. Accepting answers helps increase visibility of this question for other members of the Microsoft Q&A community.

    Thank you for helping to improve Microsoft Q&A!

    User's image

    0 comments

0 additional answers

Sort by: Most helpful
Most helpful Newest Oldest

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.