SSH-2.0-OpenSSH_8.0 and 8.7 vulnerabilities reported by Qualys on Oracle Linux
Hello everyone,
I am seeking assistance to clarify the status of several OpenSSH vulnerabilities reported on servers running Oracle Linux Enterprise.
Current server status
Server A - Oracle Linux 8.10
- Operating system: Oracle Linux Server release 8.10
- Installed packages:
- openssh-8.0p1-27.0.1.el8_10.x86_64
- openssh-clients-8.0p1-27.0.1.el8_10.x86_64
- openssh-server-8.0p1-27.0.1.el8_10.x86_64
- Package date: Dec 17, 2025 (latest published patch)
Server B - Oracle Linux 9.7
- Operating system: Oracle Linux Server release 9.7
- Installed packages:
- openssh-8.7p1-47.0.1.el9_7.x86_64
- openssh-clients-8.7p1-47.0.1.el9_7.x86_64
- openssh-server-8.7p1-47.0.1.el9_7.x86_64
- Package date: Dec 17, 2025 (latest published patch)
Both operating systems have the most recent OpenSSH patches released by Oracle as of December 2025.
0