According to the link https://security-tracker.debian.org/tracker/CVE-2014-1692, openssh 1:6.0p1-4+deb7u2 has fixed the cve-2014-1692 vulnerability. I have checked the openssh-server version and openssh-client version of my pve server by "dpkg -l", which shows that is exactly 1:6.0p1-4+deb7u2. But the security scanning still reports CVE-2014-1692 vulnerability. Is it a fake vulnerability warning? or still need I update my pve server?
This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
By continuing to use this site, you are consenting to our use of cookies.