@vertka
It is! According to the paper, this CVE happened because important code, which in turn was a fix for similar prior vulnerability, was removed from one of the routines — hence its name: regreSSHion.
This machine was using 9.1p1 and I've downgraded to 8.4p1 instead of upgrading to 9.8p1 — because according to the paper versions above 4.4, but below 8.5p1 shouldn't be affected.
So in a way it's still a fix, just an unusual one 😄
Embed Notice
HTML Code
Corresponding Notice
- Embed this notice
m0xEE (m0xee@social.librem.one)'s status on Wednesday, 03-Jul-2024 19:22:19 JSTm0xEE