openssh 7.5
During a recent security scan on our network, I took hits for having vulnerable openssh packages installed on my RHEL 7.4 servers.
The description from Tenable is: https://www.tenable.com/pvs-plugins/700019
The solution is to install openssh 7.5 or better but I don't see it available in the RHEL package browser.
Is the RHEL openssh 7.4 version affected by the directory traversal exploit explained above?
Will we see a 7.5 version soon if so?
Thanks for any insight.
R,
Aaron