openssh not uptodate on SLES15

Hello.
I have a SLES15 system (with no SP installed because it is not accepted and certified by applications.)
openssh is version OpenSSH_7.6p1 so it seems to be concerned by CVE-2019-6110
but I found a patch that correct this CVE ; it is SUSE-SLE-Module-Basesystem-15-2019-126
When I try to install it : it is always installed :smile:
So am I protected

zypper in -t patch SUSE-SLE-Module-Basesystem-15-2019-126

Refreshing service ‘Basesystem_Module_15_x86_64’.
Refreshing service ‘Desktop_Applications_Module_15_x86_64’.
Refreshing service ‘Development_Tools_Module_15_x86_64’.
Refreshing service ‘Legacy_Module_15_x86_64’.
Refreshing service ‘SUSE_Linux_Enterprise_Server_15_x86_64’.
Refreshing service ‘Server_Applications_Module_15_x86_64’.
Loading repository data…
Reading installed packages…
‘patch:SUSE-SLE-Module-Basesystem-15-2019-126’ is already installed.
Resolving package dependencies…

Nothing to do.
So am I protected against the openssh issue referenced in CVE-2019-6110 with my openssh in version 7.6p1 ?
Thank you.
Emmanuel

Hi and welcome to the Forum :slight_smile:
You can verify the package and CVE via SUSE Customer Center under the patches tab and enter the CVE reference;
https://scc.suse.com/patches

You can also select the CVE link for more info;
https://www.suse.com/security/cve/CVE-2019-6110/

In your case openssh-7.6p1-9.13.1 has been updated for this CVE.

Thank you for helping. I see in the CVE link that the Patchnames for this CVE is SUSE-SLE-Module-Basesystem-15-2019-126 ; so if zypper tells “is already installed”, it is OK for me ?
Or should I install another package ? openssh-7.6p1-9.13.1 ?
I found https://www.suse.com/fr-fr/support/update/announcement/2019/suse-su-20190126-1/
but it is also installed :

zypper in -t patch SUSE-SLE-Module-Basesystem-15-2019-126=1

Refreshing service ‘Basesystem_Module_15_x86_64’.
(…)
Loading repository data…
Reading installed packages…
‘patch:SUSE-SLE-Module-Basesystem-15-2019-126 = 1’ is already installed.
Resolving package dependencies…

Nothing to do.

Hi
Use zypper if openssh to see the version installed, but if those patches say they are installed, then you should be good to go.

Thank you !
Here is the result :smile: Information for package openssh:
Repository : SLE-Module-Basesystem15-Updates
Name : openssh
Version : 7.6p1-9.32.1
So, it seems good.

Hi
Indeed it does :slight_smile:

Good news, thanks a lot for your help.