elie/ssh-audit
1
0
Fork 0
mirror of https://github.com/jtesta/ssh-audit.git synced 2024-11-16 21:45:39 +01:00
Code Issues Packages Projects Releases Wiki Activity

Add newly-validated version, it looks like DSM 7.2.1-69057 Update 4 still doesn't contain an updated version of OpenSSH or includes a backported fix.

Mathieu Simon 2024-01-24 07:40:53 +01:00
parent 26f64c0726
commit d4699ad165
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
Synology-DSM.md

@ -24,10 +24,9 @@ aes128-gcm@openssh.com
aes192-ctr
aes256-ctr
aes256-gcm@openssh.com
chacha20-poly1305@openssh.com
```
In order to work around [CVE-2023-48795](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-48795) you can also disable `chacha20-poly1305@openssh.com`.
In order to work around [CVE-2023-48795](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-48795) `chacha20-poly1305@openssh.com` is disabled until Synology eventually provides a patched of OpenSSH with DSM. Last checked against: DSM 7.2.1-69057 Update 4.
### KEX
@ -67,6 +66,7 @@ At least DSM version 7.2 doesn't allow you reaching a perfect score, since neith
| DSM | ssh-audit |
| ----------------------- | ------------- |
| DSM 7.2.1-69057 Update 4 | [master @ fe65b5df8a2d36fb85747f600685091487837c0d ](https://github.com/jtesta/ssh-audit/commit/fe65b5df8a2d36fb85747f600685091487837c0d) |
| DSM 7.2.1-69057 Update 3 | [master @ c8e075ad13516b59ab30461d2590c3403e3379e8 ](https://github.com/jtesta/ssh-audit/commit/c8e075ad13516b59ab30461d2590c3403e3379e8) |
| DSM 7.2.1-69057 | [master @ 02ab487232de438c0811116f2676cb1c9b5f3d62 ](https://github.com/jtesta/ssh-audit/commit/02ab487232de438c0811116f2676cb1c9b5f3d62) |
| DSM 7.2-64570 Update 3 | |