Hello,
in this issue it is stated that CVE-2024-6387 has already been addressed.
https://gitlab.alpinelinux.org/alpine/aports/-/issues/16298
However, in the current alpine version 3.20.2 the OpenSSH Version is still 9.7 (see below).
Will the fix only be available in the "edge" version or is it planned for one of the next patches?
-------------------------------
# cat /etc/os-release
NAME="Alpine Linux"
ID=alpine
VERSION_ID=3.20.2
...
# sshd -V
OpenSSH_9.7p1, OpenSSL 3.3.1 4 Jun 2024
-------------------------------
Thanks a lot and best regards,
Thomas Rolfes