HPE StoreVirtual Storage / LeftHand
cancel
Showing results for 
Search instead for 
Did you mean: 

openSSH

SOLVED
Go to solution
5y53ng
Regular Advisor

openSSH

Is anyone aware of a patch to upgrade the openSSH version in saniq 9.5? A member of our security team approached me and said it was out of date. The VSA appears to have version 4.3 and the latest version appears to be 6.x.

5 REPLIES
Jitun
HPE Pro

Re: openSSH

There is no Patch to Upgrade openSSH version for SANiQ.

I have requested to check if it will be upgraded in the next version of SANiQ.
--------------------------------------------------------------
How to assign points? Click the KUDOS! star!
5y53ng
Regular Advisor

Re: openSSH

Great, thank you!

Jitun
HPE Pro
Solution

Re: openSSH

The reason we have v4.3 is because SANiQ 9.5 is based on CentOS 5.5/5.7, and that's the version it ships.

 

The vulnerabilities in that version (v4.3) are things that can't be used against SANiQ for various reasons (like the way HP configures it)

--------------------------------------------------------------
How to assign points? Click the KUDOS! star!
5y53ng
Regular Advisor

Re: openSSH

Thank you Jitun,

 

Is there any official documentation from HP stating the VSA is not vulnerable to any exploits of 4.3? I'm not concerned about the version, since the iSCSI SAN is private, but I know security will be looking for something official.

 

Thanks again.

Lakey81
Occasional Visitor

Re: openSSH

Has anyone got any newer information on this?  We just found the same issue with version 10.5 that openssh is coming up with multiple vulnerabilities.