275845 – ssh protocol flaw - CVE-2023-48795 - Terrapin Attack

Bug 275845 - ssh protocol flaw - CVE-2023-48795 - Terrapin Attack

Summary: ssh protocol flaw - CVE-2023-48795 - Terrapin Attack

Status:	Closed FIXED

Alias:	None

Product:	Ports & Packages
Classification:	Unclassified
Component:	Individual Port(s) (show other bugs)
Version:	Latest
Hardware:	Any Any

Importance:	--- Affects Many People
Assignee:	freebsd-bugs (Nobody)

URL:
Keywords:

Depends on:
Blocks:

Reported:	2023-12-19 20:46 UTC by rob2g2
Modified:	2023-12-19 22:29 UTC (History)
CC List:	5 users (show)

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description rob2g2 2023-12-19 20:46:17 UTC

According to https://www.openwall.com/lists/oss-security/2023/12/18/3 the ssh client and server of the FreeBSD base system is vulnerable. Additionally, openssh-portable seems also vulnerable.

Comment 1 Herbert J. Skuhra 2023-12-19 21:02:50 UTC

https://www.freebsd.org/security/advisories/FreeBSD-SA-23:19.openssh.asc

Comment 2 rob2g2 2023-12-19 21:37:18 UTC

well that was fast :-D - great!

Comment 3 Maxim Konovalov freebsd_committer

2023-12-19 22:29:15 UTC

The advisory was published 

https://www.freebsd.org/security/advisories/

https://www.freebsd.org/security/advisories/FreeBSD-SA-23:19.openssh.asc