Skip to content

Commit

Permalink
Merge pull request #1134 from stackhpc/security-common-openssh
Browse files Browse the repository at this point in the history 
Restrict security-common to OpenSSH packages
  • Loading branch information
@markgoddard
markgoddard committed Jul 6, 2024
2 parents 91db1ae + 767ce13 commit d0ad042
Show file tree
Hide file tree
Showing 2 changed files with 7 additions and 0 deletions.
1 change: 1 addition & 0 deletions etc/kayobe/dnf.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -122,6 +122,7 @@ dnf_custom_repos_rocky_9:
file: Rocky-SIG-Security-Common
gpgkey: "{{ rocky_9_sig_security_gpg_key }}"
gpgcheck: yes
includepkgs: "openssh*"
username: "{{ stackhpc_repo_mirror_username | default(omit, true) }}"
password: "{{ stackhpc_repo_mirror_password | default(omit, true) }}"

Expand Down
6 changes: 6 additions & 0 deletions releasenotes/notes/security-common-openssh-6fbd5a1e95fd66ae.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,6 @@
---
security:
- |
Enables the Rocky Linux 9 SIG Security Common repository, which provides
updated OpenSSH packages addressing CVE-2024-6387 (regreSSHion). Other
packages available in this repository are currently ignored.

0 comments on commit d0ad042

Please sign in to comment.