Bug 275845

Summary:	ssh protocol flaw - CVE-2023-48795 - Terrapin Attack
Product:	Ports & Packages	Reporter:	rob2g2 <rob2g2-freebsd>
Component:	Individual Port(s)	Assignee:	freebsd-bugs (Nobody) <bugs>
Status:	Closed FIXED
Severity:	Affects Many People	CC:	bdrewery, herbert, maxim, ports-security, security-team
Priority:	---
Version:	Latest
Hardware:	Any
OS:	Any

Description rob2g2 2023-12-19 20:46:17 UTC

According to https://www.openwall.com/lists/oss-security/2023/12/18/3 the ssh client and server of the FreeBSD base system is vulnerable. Additionally, openssh-portable seems also vulnerable.

Comment 1 Herbert J. Skuhra 2023-12-19 21:02:50 UTC

https://www.freebsd.org/security/advisories/FreeBSD-SA-23:19.openssh.asc

Comment 2 rob2g2 2023-12-19 21:37:18 UTC

well that was fast :-D - great!

Comment 3 Maxim Konovalov freebsd_committer

2023-12-19 22:29:15 UTC

The advisory was published 

https://www.freebsd.org/security/advisories/

https://www.freebsd.org/security/advisories/FreeBSD-SA-23:19.openssh.asc