CVE-2014-2532 and CVE-2014-2653

sehh

• July 17, 2014 12:05

Hello, I'm failing PCI validation due to these vulnerabilities: CVE-2014-2532 and CVE-2014-2653 I looked at the rpm changelog of openssh-server but can't find any mention of them. Do these vulnerabilities apply on our servers, have these been patched but not documented in the changelog, or is there a patch coming for them? Thank you.

• 

  cPanelMichael

  • July 18, 2014 12:49

  Hello :) Please keep in mind that cPanel does not maintain the OpenSSH RPMs on your system. Those packages are handled through your system package manager (YUM) and updates are pushed out by your OS vendor. Information about each report is available at: Thank you.

  0

Please sign in to leave a comment.