Tenable's Nessus has flagged our servers as vulnerable with OpenSSH 9.9p1 installed, saying:
"The version of OpenSSH installed on the remote host is prior to 9.9p2. It is, therefore, affected by a vulnerability as referenced in the release-9.9p2 advisory. sshd(8) in OpenSSH versions 9.5p1 to 9.9p1 (inclusive) is vulnerable to a memory/CPU denial-of-service related to the handling of SSH2_MSG_PING packets. This condition may be mitigated using the existing PerSourcePenalties feature"
Please provide an ETA for a fix.
Thanks
I do not speak for the Toolbox maintainers.
However, note that OpenSSH is provided as part of AIX, not by the maintainers of the AIX Toolbox. You should be able to open a PMR for this and get an ETA on the update from AIX support.