I have buildroot environment which has the openssh version 8.1p1 and openssl 1.0.2r. Now we are facing CVE-2023-48795 in existing version. Which is actually resolved in openssh 9.6 version but the catch is, it doesnt support openssl 1.0.2r and requires to upgrade the openssl.
So do we have any patch available that can be applied on 8.1p1 without having to upgrade openssh to 9.6 and keeping openssh as is(as its tedius job to upgrade at the current situation inside organization). Or upgrade openssh upto the version that support openssh 1.0.2
Any help would be very greatly appreciated.
Bookmarks