I have already searched there and did not find anything related to this particular vulnerability. I did find one PTF from 2023 which is for ssh. That PTF is applied on our sandbox LPAR, scheduled to be rolled out into production shortly. Also, the IBM documentation for z/OS 2.4 SSH states that it is based on Open SSH 6.4p1. Which I think is quite old.
Sent with Proton Mail secure email. On Friday, January 5th, 2024 at 10:33 AM, Kirk Wolf <k...@coztoolkit.com> wrote: > This would be found in the IBM Security Portal. > Here is information on registering to obtain access: > https://www.ibm.com/community/z/wp-content/uploads/sites/14/2022/06/zSystem-Integrity.pdf > > Kirk Wolf > Dovetailed Technologies > http:// http://dovetail.comcoztoolkit.com > > > On Fri, Jan 5, 2024, at 6:50 AM, rpinion865 wrote: > > > Does anyone know if the z/OS implementation of ssh is vulnerable to > > CVE-2023048795? I tried searching > > for z/OS and OpenSSH (CVE-2023-48795). But, I did not get any hits specific > > to z/OS. Thanks in advance. > > > > Cross posting to IBMTCP-L and IBM Main > > > > Sent with Proton Mail secure email. > > > > ---------------------------------------------------------------------- > > For IBM-MAIN subscribe / signoff / archive access instructions, > > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN > > > ---------------------------------------------------------------------- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
