CVE-2018-20685

Note

openssh-ssh1 is provided for compatibility with old devices that
cannot be upgraded to modern protocols. Thus we may not provide security
support for this package if doing so would prevent access to equipment.

Package	Release	Status
openssh Launchpad, Ubuntu, Debian	bionic	Released (1:7.6p1-4ubuntu0.2)
	cosmic	Released (1:7.7p1-4ubuntu0.2)
	disco	Released (1:7.9p1-5)
	eoan	Released (1:7.9p1-5)
	focal	Released (1:7.9p1-5)
	groovy	Released (1:7.9p1-5)
	hirsute	Released (1:7.9p1-5)
	impish	Released (1:7.9p1-5)
	jammy	Released (1:7.9p1-5)
	kinetic	Released (1:7.9p1-5)
	precise	Ignored (end of ESM support, was needed)
	trusty	Released (1:6.6p1-2ubuntu2.12)
	upstream	Released (1:7.9p1-5)
	xenial	Released (1:7.2p2-4ubuntu2.7)
	Patches: upstream: https://github.com/openssh/openssh-portable/commit/6010c0303a422a9c5fa8860c061bf7105eb7f8b2 upstream: https://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/scp.c.diff?r1=1.197&r2=1.198&f=h
openssh-ssh1 Launchpad, Ubuntu, Debian	bionic	Needs triage
	cosmic	Ignored (reached end-of-life)
	disco	Ignored (reached end-of-life)
	eoan	Ignored (reached end-of-life)
	focal	Needs triage
	groovy	Ignored (reached end-of-life)
	hirsute	Ignored (reached end-of-life)
	impish	Ignored (reached end-of-life)
	jammy	Needs triage
	kinetic	Needs triage
	precise	Does not exist
	trusty	Does not exist
	upstream	Ignored (frozen on openssh 7.5p)
	xenial	Does not exist

Security

CVE-2018-20685

Notes

Medium

Status

References

Bugs

Join the discussion

Canonical is offering Expanded Security Maintenance

Further reading